High severity8.8NVD Advisory· Published Oct 27, 2017· Updated May 13, 2026
CVE-2017-5116
CVE-2017-5116
Description
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Affected products
6- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.debian.org/security/2017/dsa-3985nvd
- www.securityfocus.com/bid/100610nvd
- www.securitytracker.com/id/1039291nvd
- access.redhat.com/errata/RHSA-2017:2676nvd
- chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.htmlnvd
- crbug.com/759624nvd
- security.gentoo.org/glsa/201709-15nvd
- security.googleblog.com/2018/01/android-security-ecosystem-investments.htmlnvd
News mentions
0No linked articles in our index yet.