Vulnerabilities (CVE)

Filtered by vendor Google Subscribe

Filtered by product V8

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-1677	6 Canonical, Debian, Google and 3 more	10 Ubuntu Linux, Debian Linux, Chrome and 7 more	2018-10-30	4.3 MEDIUM	6.5 MEDIUM
uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."
CVE-2016-1688	6 Canonical, Debian, Google and 3 more	10 Ubuntu Linux, Debian Linux, Chrome and 7 more	2018-10-30	4.3 MEDIUM	6.5 MEDIUM
The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.