Gentoo Linux: CVE-2023-5479: QtWebEngine: Multiple Vulnerabilities

Gentoo Linux: CVE-2023-5479: QtWebEngine: Multiple Vulnerabilities

Severity

7

CVSS

(AV:N/AC:M/Au:N/C:N/I:C/A:N)

Published

10/11/2023

Created

11/28/2023

Added

11/27/2023

Modified

01/28/2025

Description

Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

Solution(s)

• gentoo-linux-upgrade-dev-qt-qtwebengine
• gentoo-linux-upgrade-www-client-chromium
• gentoo-linux-upgrade-www-client-google-chrome
• gentoo-linux-upgrade-www-client-microsoft-edge

References

• https://attackerkb.com/topics/cve-2023-5479
• CVE - 2023-5479
• 202311-11
• 202312-07
• 202401-34