Medium severity6.5NVD Advisory· Published Sep 25, 2016· Updated May 6, 2026

CVE-2016-5172

Description

The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2016-1905.htmlnvd
www.debian.org/security/2016/dsa-3667nvd
www.securityfocus.com/bid/92942nvd
www.securitytracker.com/id/1036826nvd
codereview.chromium.org/2077283004nvd
crbug.com/616386nvd
googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.htmlnvd
security.gentoo.org/glsa/201610-09nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000