V8 Security Vulnerabilities and Issues — V8 CVE List

Lucene search

GoogleV8

5 matches found

CVE•added 2013/01/15 9:55 p.m.•78 views

CVE-2013-0836

Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code.

6.8CVSS7AI score0.00666EPSS

CVE•added 2016/06/05 11:59 p.m.•74 views

CVE-2016-1677

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

6.5CVSS6.7AI score0.10058EPSS

CVE•added 2016/06/05 11:59 p.m.•65 views

CVE-2016-1688

The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.

6.5CVSS6.6AI score0.04867EPSS

CVE•added 2013/03/21 9:55 p.m.•57 views

CVE-2013-2632

Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game.

6.8CVSS7AI score0.00493EPSS

CVE•added 2011/10/25 7:55 p.m.•56 views

CVE-2011-3886

Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers out-of-bounds write operations.

6.8CVSS7.2AI score0.00908EPSS