GCVE - cpe:2.3:a:n/a:google_chrome_prior_to_62.0.3202.62:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:google_chrome_prior_to_62.0.3202.62:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Google Chrome Prior To 62.0.3202.62 (`5502fd71-8bca-535f-a67b-c153d75c0719`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-5133`	vulnerable	2026-06-08 05:09:39.190473	Details available Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:34.974Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://crbug.com/762106 https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5132`	vulnerable	2026-06-08 05:09:39.190084	Details available Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:35.657Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://crbug.com/718858 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5131`	vulnerable	2026-06-08 05:09:39.189657	Details available An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:35.126Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997 https://crbug.com/744109	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5130`	vulnerable	2026-06-08 05:09:39.185887	Details available An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file. Published: 2018-02-07T23:00:00.000Z Updated: 2025-12-03T22:02:32.359Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html http://bugzilla.gnome.org/show_bug.cgi?id=783026 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5129`	vulnerable	2026-06-08 05:09:39.185027	Details available A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:35.591Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://crbug.com/765495 https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5128`	vulnerable	2026-06-08 05:09:39.184646	Details available Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:34.227Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997 https://crbug.com/765469	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5127`	vulnerable	2026-06-08 05:09:39.183993	Details available Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:34.230Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://crbug.com/765384 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5126`	vulnerable	2026-06-08 05:09:39.183605	Details available A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:34.207Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://crbug.com/760455 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5125`	vulnerable	2026-06-08 05:09:39.183133	Details available Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:34.218Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://crbug.com/749147 https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5124`	vulnerable	2026-06-08 05:09:39.182643	Details available Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T14:55:34.231Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://www.reddit.com/r/netsec/comments/7cus2h/chrome_61_uxss_exploit_cve20175124/ https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://crbug.com/762930 https://www.debian.org/security/2017/dsa-4020	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15395`	vulnerable	2026-06-08 05:08:58.827850	Details available A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.715Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://crbug.com/759457 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15394`	vulnerable	2026-06-08 05:08:58.827377	Details available Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.764Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://crbug.com/745580 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15393`	vulnerable	2026-06-08 05:08:58.826967	Details available Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.791Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://crbug.com/732751 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15392`	vulnerable	2026-06-08 05:08:58.826380	Details available Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:26.043Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://crbug.com/714401 https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15391`	vulnerable	2026-06-08 05:08:58.825981	Details available Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.675Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997 https://crbug.com/598265	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15390`	vulnerable	2026-06-08 05:08:58.825595	Details available Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.674Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://crbug.com/750239 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15389`	vulnerable	2026-06-08 05:08:58.825194	Details available An insufficient watchdog timer in navigation in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.729Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997 https://security.gentoo.org/glsa/201710-24	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15388`	vulnerable	2026-06-08 05:08:58.824795	Details available Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.765Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://crbug.com/756563 https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15387`	vulnerable	2026-06-08 05:08:58.824362	Details available Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.597Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/101482 https://crbug.com/756040 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-15386`	vulnerable	2026-06-08 05:08:58.823207	Details available Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Published: 2018-02-07T23:00:00.000Z Updated: 2024-08-05T19:57:25.942Z Open on db.gcve.eu Reference links https://crbug.com/752003 http://www.securityfocus.com/bid/101482 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/errata/RHSA-2017:2997	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Google Chrome Prior To 62.0.3202.62

PURL mappings

Vulnerability references

Contribute