CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5128 – chromium-browser: same-origin bypass in v8
https://notcve.org/view.php?id=CVE-2016-5128
23 Jul 2016 — objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. objects.cc en Google V8 en versiones anteriores a 5.2.361.27, como se utiliza en Google Chrome en versiones anteriores a 52.0.2743.82, no impide que los interceptores de la API modifiquen un objetivo de almacenamiento sin ajustar una propiedad,... • http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2016-5129 – chromium-browser: memory corruption in v8
https://notcve.org/view.php?id=CVE-2016-5129
23 Jul 2016 — Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. Google V8 en versiones anteriores a 5.2.361.32, como se utiliza en Google Chrome en versiones anteriores a 52.0.2743.82, no procesa adecuadamente los objetos recortados por la izquierda, lo que permite a atacantes remotos provocar una dene... • http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •