CVE-2023-44216

CVE Database · CVE-2023-44216

CVE-2023-44216

· MEDIUMModified

CVSS v3.1

5.3

EPSS

1.81%

Published

Sep 27, 2023

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-203

Affected Products (17)

canonical · ubuntu_linuxvulnerable

amd · ryzen_7_4800uvulnerable

intel · core_i7-10510uvulnerable

intel · core_i7-12700kvulnerable

intel · core_i7-8700vulnerable

microsoft · windows_11vulnerable

intel · core_i7-10610uvulnerable