CVE-2016-5150 (retired)

Priority
Description
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used
in Google Chrome before 53.0.2785.89 on Windows and OS X and before
53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API
implementation that does not properly restrict key-path evaluation, which
allows remote attackers to cause a denial of service (use-after-free) or
possibly have unspecified other impact via crafted JavaScript code that
leverages certain side effects.
Package
Upstream:released (53.0.2785.92)
Ubuntu 16.04 LTS (Xenial Xerus):released (53.0.2785.143-0ubuntu0.16.04.1.1254)
Package
Upstream:released (1.17.6)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.17.7-0ubuntu0.16.04.1)
More Information

Updated: 2019-09-19 15:58:32 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)