← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-2136 — Actively Exploited: Chromium Skia (Google)

Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.

CVE IDCVE-2023-2136
VendorGoogle
ProductChromium Skia
Vulnerability nameGoogle Chrome Skia Integer Overflow Vulnerability
Date added2023-04-21
Remediation due2023-05-12
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionGoogle Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →