Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-9651

Опубликовано: 09 янв. 2019
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 6.8
CVSS3: 8.8

Описание

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

РелизСтатусПримечание
artful

released

55.0.2883.87-0ubuntu1
bionic

released

55.0.2883.87-0ubuntu1
cosmic

released

55.0.2883.87-0ubuntu1
devel

released

55.0.2883.87-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [58.0.3029.81-0ubuntu0.14.04.1172]]
precise

ignored

precise/esm

DNE

precise was ignored
trusty

released

58.0.3029.81-0ubuntu0.14.04.1172
trusty/esm

DNE

trusty was released [58.0.3029.81-0ubuntu0.14.04.1172]
upstream

released

55.0.2883.75

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

DNE

trusty/esm

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support
cosmic

ignored

end of life
devel

ignored

libv8 not supported
esm-apps/bionic

ignored

libv8 not supported
esm-apps/xenial

ignored

libv8 not supported
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [libv8 not supported]]
precise

DNE

precise/esm

DNE

trusty

ignored

end of standard support

Показывать по

РелизСтатусПримечание
artful

released

1.19.6-0ubuntu2
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.19.4-0ubuntu0.14.04.1]]
esm-infra/xenial

released

1.19.4-0ubuntu0.16.04.1
precise

DNE

precise/esm

DNE

trusty

released

1.19.4-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [1.19.4-0ubuntu0.14.04.1]

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%
0.52739
Средний

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-9651

CVSS3: 8.8
redhat
около 9 лет назад

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

nvd логотип

CVE-2016-9651

CVSS3: 8.8
nvd
около 7 лет назад

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

debian логотип

CVE-2016-9651

CVSS3: 8.8
debian
около 7 лет назад

A missing check for whether a property of a JS object is private in V8 ...

github логотип

GHSA-wp7w-fjvj-wrv2

CVSS3: 8.8
github
больше 3 лет назад

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

suse-cvrf логотип

openSUSE-SU-2016:3108-1

suse-cvrf
около 9 лет назад

Security update for Chromium

EPSS

Процентиль: 98%
0.52739
Средний

6.8 Medium

CVSS2

8.8 High

CVSS3