High severity8.8NVD Advisory· Published Oct 27, 2017· Updated May 13, 2026
CVE-2017-5121
CVE-2017-5121
Description
Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.
Affected products
7cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- Range: Google Chrome prior to 61.0.3163.100 for Linux, Windows and Mac
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.debian.org/security/2017/dsa-3985nvd
- www.securityfocus.com/bid/100947nvd
- www.securitytracker.com/id/1039497nvd
- access.redhat.com/errata/RHSA-2017:2792nvd
- blogs.technet.microsoft.com/mmpc/2017/10/18/browser-security-beyond-sandboxing/nvd
- chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.htmlnvd
- crbug.com/765433nvd
- security.gentoo.org/glsa/201709-25nvd
News mentions
0No linked articles in our index yet.