← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-6345 — Actively Exploited: Chromium Skia (Google)

Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a malicious file. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.

CVE IDCVE-2023-6345
VendorGoogle
ProductChromium Skia
Vulnerability nameGoogle Skia Integer Overflow Vulnerability
Date added2023-11-30
Remediation due2023-12-21
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionGoogle Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a malicious file. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →