New Vulnerability Being Exploited, Targeting Google Chrome

New Vulnerability Being Exploited, Targeting Google Chrome

Product and Affected Versions:

  • Product: Google Chrome
  • Affected Versions: Versions up to 119.0.6045.199/.200 for Windows, 119.0.6045.199 for macOS and Linux

Severity and CVE ID

  • Severity: High
  • CVE ID: CVE-2023-6345 (integer overflow in Skia), CVE-2023-2033, CVE-2023-2136, CVE-2023-3079, CVE-2023-4863, CVE-2023-5217 (multiple vulnerabilities)


  • CVE-2023-6345: An integer overflow bug in Skia, an open-source 2D graphics library, allowing potential exploitation by attackers.
  • CVE-2023-2033, CVE-2023-2136, CVE-2023-3079, CVE-2023-4863, CVE-2023-5217: Type confusion, integer overflow, heap buffer overflow vulnerabilities in various components of the browser (V8, Skia, WebP, libvpx).

How Attack Works

Attackers may craft malicious web pages or content to exploit these vulnerabilities and gain unauthorized access to the system.


  • Users are strongly recommended to update their Chrome browser to version 119.0.6045.199/.200 for Windows and 119.0.6045.199 for macOS and Linux.
  • Users of Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should also apply relevant security updates as soon as they are available.


Users can refer to official Google Chrome release notes or security advisories for detailed information and update instructions.