V8 Security Vulnerabilities and Issues — V8 CVE List

Lucene search

GoogleV8

4 matches found

CVE•added 2016/07/23 7:59 p.m.•108 views

CVE-2016-5129

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

8.8CVSS9.1AI score0.01328EPSS

CVE•added 2024/02/29 1:43 a.m.•101 views

CVE-2024-1939

Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.4AI score0.29663EPSS

CVE•added 2016/07/23 7:59 p.m.•90 views

CVE-2016-5128

objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

8.8CVSS8.3AI score0.00744EPSS

CVE•added 2016/06/05 11:59 p.m.•66 views

CVE-2016-1678

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

8.8CVSS8.8AI score0.01307EPSS