CVE-2017-5100

🗓️ 27 Oct 2017 05:00:00Reported by ChromeType

A use after free in Google Chrome allowed remote attackers to perform out of bounds memory read

Reporter	Title	Published	Views	Family All 52
FreeBSD	chromium -- multiple vulnerabilities	25 Jul 201700:00	–	freebsd
ArchLinux	[ASA-201707-29] chromium: multiple issues	27 Jul 201700:00	–	archlinux
CNVD	Google Chrome memory misreference vulnerability (CNVD-2017-33600)	30 Oct 201700:00	–	cnvd
Cvelist	CVE-2017-5100	27 Oct 201705:00	–	cvelist
Debian	[SECURITY] [DSA 3926-1] chromium-browser security update	4 Aug 201721:00	–	debian
Debian	[SECURITY] [DSA 3926-1] chromium-browser security update	4 Aug 201721:00	–	debian
Debian CVE	CVE-2017-5100	27 Oct 201705:00	–	debiancve
Tenable Nessus	Debian DSA-3926-1 : chromium-browser - security update	7 Aug 201700:00	–	nessus
Tenable Nessus	Fedora 25 : chromium (2017-c708c044e3)	11 Sep 201700:00	–	nessus
Tenable Nessus	Fedora 26 : chromium (2017-f79ae2b96f)	21 Aug 201700:00	–	nessus

NVD

Node

google chromeRange≤60.0.3112.78

AND

microsoft windowsMatch-

Node

debian debian_linuxMatch9.0

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_workstationMatch6.0

[
  {
    "product": "Google Chrome prior to 60.0.3112.78 for Windows",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Google Chrome prior to 60.0.3112.78 for Windows"
      }
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHSA-2017:1833
crbug	www.crbug.com/718292
chromereleases	www.chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html
securityfocus	www.securityfocus.com/bid/99950
debian	www.debian.org/security/2017/dsa-3926
security	www.security.gentoo.org/glsa/201709-15

13 May 2026 00:24Current

8.2High risk

Vulners AI Score8.2

CVSS 26.8

CVSS 3.18.8

EPSS0.01098

CWE-416