Medium severity6.5NVD Advisory· Published Oct 27, 2017· Updated May 13, 2026

CVE-2017-5094

Description

Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page.

Affected products

N/A/Google Chrome Prior To 60.0.3112.78 For Mac, Windows, Linux And Androidv5
Range: Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Google/Chrome
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Range: <60.0.3112.78
Red Hat/Enterprise Linux Desktop
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Workstation
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000