High severity8.8NVD Advisory· Published Oct 27, 2017· Updated Jun 17, 2026
CVE-2017-5121
CVE-2017-5121
Description
Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- osv-coords2 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2
< 93.0.4577.82-1.1+ 1 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 61.0.3163.100-32.1
Patches
Vulnerability mechanics
References
8- www.debian.org/security/2017/dsa-3985nvd
- www.securityfocus.com/bid/100947nvd
- www.securitytracker.com/id/1039497nvd
- access.redhat.com/errata/RHSA-2017:2792nvd
- blogs.technet.microsoft.com/mmpc/2017/10/18/browser-security-beyond-sandboxing/nvd
- chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.htmlnvd
- crbug.com/765433nvd
- security.gentoo.org/glsa/201709-25nvd
News mentions
0No linked articles in our index yet.