Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-6764

Опубликовано: 25 нояб. 2015
Источник: redhat
CVSS2: 2.6

Описание

The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.

Отчет

This issue did not affect the versions of nodejs as shipped with Red Hat Enterprise Software Collections version 2, Red Hat OpenStack Platform and Red Hat Openshift Enterprise and Openshift Online as they do not include the vulnerable version of nodejs.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenShift Enterprise 1nodejsNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational ToolsnodejsNot affected
Red Hat Software Collectionsnodejs010-nodejsNot affected
Red Hat Enterprise Linux 6 Supplementarychromium-browserFixedRHSA-2015:254503.12.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=1285774v8: unspecified out-of-bounds access vulnerability

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-6764

CVSS3: 9.8
ubuntu
больше 9 лет назад

The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.

nvd логотип

CVE-2015-6764

CVSS3: 9.8
nvd
больше 9 лет назад

The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.

debian логотип

CVE-2015-6764

CVSS3: 9.8
debian
больше 9 лет назад

The BasicJsonStringifier::SerializeJSArray function in json-stringifie ...

github логотип

GHSA-834c-r2v5-wppq

CVSS3: 9.8
github
около 3 лет назад

The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.

suse-cvrf логотип

openSUSE-SU-2016:0138-1

suse-cvrf
больше 9 лет назад

Security update for nodejs

2.6 Low

CVSS2