Vulnerability DatabaseCVE-2023-23374

CVE-2023-23374:
Linux Gentoo vulnerability analysis and mitigation

Overview

Microsoft Edge (Chromium-based) was found to contain a Remote Code Execution vulnerability identified as CVE-2023-23374. The vulnerability was disclosed in February 2023 and affects Microsoft Edge versions up to (excluding) 110.0.1587.41 (NVD, MITRE).

Technical details

The vulnerability has been assigned a CVSS v3.1 base score of 8.3 (HIGH) with the following vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H. This indicates that the vulnerability is network exploitable, requires high attack complexity, needs no privileges, requires user interaction, and can affect resources beyond the security scope of the affected component with potential high impacts on confidentiality, integrity, and availability (NVD).

Impact

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code on the affected system, potentially leading to full system compromise. The high CVSS score indicates severe potential impacts on system confidentiality, integrity, and availability (NVD).

Mitigation and workarounds

Users should upgrade to Microsoft Edge version 110.0.1587.41 or later to address this vulnerability. The fix has been included in subsequent security updates (Gentoo Advisory).

Additional resources

Source: This report was generated using AI

Related Linux Gentoo vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-13470	HIGH	7.7	Linux Debian	rnp-debugsource	No	Yes	Nov 21, 2025
CVE-2025-65018	HIGH	7.1	NixOS	java-1.8.0-openjdk-devel-fastdebug	No	Yes	Nov 25, 2025
CVE-2025-64720	HIGH	7.1	NixOS	java-1.8.0-openjdk-javadoc-zip	No	Yes	Nov 25, 2025
CVE-2025-64506	MEDIUM	6.1	NixOS	java-1.8.0-openjdk-demo-slowdebug	No	Yes	Nov 25, 2025
CVE-2025-64505	MEDIUM	6.1	NixOS	java-25-openjdk-jmods-fastdebug	No	Yes	Nov 25, 2025