Denial Of Service (DoS)

2019-01-1509:02:34

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

v8314-v8 is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index.

CPENameOperatorVersion
v8314-v8eq3.14.5.10__3.6.el6
hibernate-beanvalidation-apieq1.0.0__1.7.GA_redhat_1.ep6.el6
python-amqpeq1.0.13__1.el6ost
python-amqpeq1.3.3__1.el6
python-amqpeq1.0.13__1.el7ost
ruby193-rubygem-trollopeq1.16.2__2.el6cf
ruby193-rubygem-tireeq0.3.13__9.el6_4
python-requestseq1.1.0__8.1.el7ost
python-requestseq1.1.0__8.1.el6
python-requestseq1.1.0__3.1.1.el6

Name	Operator	Version
v8314-v8	eq	3.14.5.10__3.6.el6
hibernate-beanvalidation-api	eq	1.0.0__1.7.GA_redhat_1.ep6.el6
python-amqp	eq	1.0.13__1.el6ost
python-amqp	eq	1.3.3__1.el6
python-amqp	eq	1.0.13__1.el7ost
ruby193-rubygem-trollop	eq	1.16.2__2.el6cf
ruby193-rubygem-tire	eq	0.3.13__9.el6_4
python-requests	eq	1.1.0__8.1.el7ost
python-requests	eq	1.1.0__8.1.el6
python-requests	eq	1.1.0__3.1.1.el6