Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-1716

Опубликовано: 20 мар. 2014
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
CloudForms Management Engine 5ruby193-v8Not affected
OpenShift Enterprise 1ruby193-v8Not affected
Red Hat OpenShift Enterprise 2v8Not affected
Red Hat OpenStack Platform 3ruby193-v8Not affected
Red Hat OpenStack Platform 3v8Not affected
Red Hat OpenStack Platform 4ruby193-v8Not affected
Red Hat OpenStack Platform 4v8Not affected
Red Hat Satellite 6v8Not affected
Red Hat Software Collectionsv8314-v8Not affected
Red Hat Subscription Asset Managerruby193-v8Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1086112v8: cross-site scripting flaw in Runtime_SetPrototype()

EPSS

Процентиль: 77%
0.01068
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-1716

ubuntu
около 11 лет назад

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

nvd логотип

CVE-2014-1716

nvd
около 11 лет назад

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

debian логотип

CVE-2014-1716

debian
около 11 лет назад

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype f ...

github логотип

GHSA-r863-653f-pw4g

github
около 3 лет назад

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

fstec логотип

BDU:2014-00145

fstec
около 11 лет назад

Уязвимость браузера Google Chrome, позволяющая злоумышленнику внедрить произвольный веб-сценарий или HTML-код

EPSS

Процентиль: 77%
0.01068
Низкий

4.3 Medium

CVSS2