CVE-2016-1688

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-1688

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-1688.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-1688

Related

Published

2016-06-05T23:59:17Z

Modified

2024-09-03T01:16:45.420378Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.

References

Affected packages

Git / github.com/v8/v8

Affected ranges

Type: GIT
Repo: https://github.com/v8/v8
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

ad16e6c2cbd2c6b0f2e8ff944ac245561c682ac2

Affected versions

3.*

3.21.18

3.26.30

3.28.33

3.28.34

3.28.36

3.28.37

3.28.39

3.28.40

3.28.41

3.28.42

3.28.44

3.28.46

3.28.47

3.28.49

3.28.55

3.28.56

3.28.58

3.28.61

3.28.63

3.28.66

3.28.67

3.28.68

3.28.70

3.28.72

3.29.1

3.29.12

3.29.13

3.29.15

3.29.18

3.29.19

3.29.2

3.29.21

3.29.22

3.29.26

3.29.28

3.29.3

3.29.30

3.29.31

3.29.32

3.29.33

3.29.34

3.29.36

3.29.37

3.29.39

3.29.4

3.29.42

3.29.44

3.29.45

3.29.46

3.29.47

3.29.48

3.29.49

3.29.5

3.29.51

3.29.52

3.29.54

3.29.55

3.29.56

3.29.58

3.29.6

3.29.60

3.29.61

3.29.62

3.29.63

3.29.65

3.29.67

3.29.68

3.29.69

3.29.7

3.29.71

3.29.72

3.29.73

3.29.76

3.29.77

3.29.79

3.29.8

3.29.80

3.29.85

3.29.86

5.*

5.0.71