vulnerability

Google Chrome Vulnerability: CVE-2023-0137 Heap buffer overflow in Platform Apps

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Jan 11, 2023	Jan 11, 2023	Aug 12, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jan 11, 2023

Added

Jan 11, 2023

Modified

Aug 12, 2025

Description

Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Solution

google-chrome-upgrade-latest

References

CVE-2023-0137
https://attackerkb.com/topics/CVE-2023-0137
CWE-787
URL-https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html
URL-https://crbug.com/1399904

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today