Описание
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 51.0.2704.79-0ubuntu2~cm1 |
| bionic | released | 51.0.2704.79-0ubuntu2~cm1 |
| cosmic | released | 51.0.2704.79-0ubuntu2~cm1 |
| devel | released | 51.0.2704.79-0ubuntu2~cm1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [51.0.2704.79-0ubuntu0.14.04.1.1121]] |
| precise | ignored | |
| precise/esm | DNE | precise was ignored |
| trusty | released | 51.0.2704.79-0ubuntu0.14.04.1.1121 |
| trusty/esm | DNE | trusty was released [51.0.2704.79-0ubuntu0.14.04.1.1121] |
| upstream | released | 51.0.2704.63-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support |
| cosmic | ignored | end of life |
| devel | ignored | libv8 not supported |
| esm-apps/bionic | ignored | libv8 not supported |
| esm-apps/xenial | ignored | libv8 not supported |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [libv8 not supported]] |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 1.15.7-0ubuntu1 |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.15.7-0ubuntu0.14.04.1]] |
| esm-infra/xenial | released | 1.15.7-0ubuntu0.16.04.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | released | 1.15.7-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1.15.7-0ubuntu0.14.04.1] |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
The ToV8Value function in content/child/v8_value_converter_impl.cc in ...
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.
Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3