CVE-2016-1688

The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.

Database specific

{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "50.0.2661.102"
                }
            ],
            "cpe": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.04"
                }
            ],
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "15.10"
                }
            ],
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "16.04"
                }
            ],
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "cpe": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "42.1"
                }
            ],
            "cpe": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "13.2"
                }
            ],
            "cpe": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "6.0"
                }
            ],
            "cpe": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "6.0"
                }
            ],
            "cpe": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "6.0"
                }
            ],
            "cpe": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "12.0"
                }
            ],
            "cpe": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        }
    ]
}

References

Affected packages

Git / github.com/v8/v8

Affected ranges

Type

GIT

Repo

https://github.com/v8/v8

Events

Introduced

Last affected

ad16e6c2cbd2c6b0f2e8ff944ac245561c682ac2

Database specific

{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.0.71"
        }
    ],
    "cpe": "cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD"
}

Affected versions

3.*

3.21.18

3.26.30

3.28.33

3.28.34

3.28.36

3.28.37

3.28.39

3.28.40

3.28.41

3.28.42

3.28.44

3.28.46

3.28.47

3.28.49

3.28.55

3.28.56

3.28.58

3.28.61

3.28.63

3.28.66

3.28.67

3.28.68

3.28.70

3.28.72

3.29.1

3.29.12

3.29.13

3.29.15

3.29.18

3.29.19

3.29.2

3.29.21

3.29.22

3.29.26

3.29.28

3.29.3

3.29.30

3.29.31

3.29.32

3.29.33

3.29.34

3.29.36

3.29.37

3.29.39

3.29.4

3.29.42

3.29.44

3.29.45

3.29.46

3.29.47

3.29.48

3.29.49

3.29.5

3.29.51

3.29.52

3.29.54

3.29.55

3.29.56

3.29.58

3.29.6

3.29.60

3.29.61

3.29.62

3.29.63

3.29.65

3.29.67

3.29.68

3.29.69

3.29.7

3.29.71

3.29.72

3.29.73

3.29.76

3.29.77

3.29.79

3.29.8

3.29.80

3.29.85

3.29.86

5.*

5.0.71

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-1688.json"