GCVE - cpe:2.3:a:n/a:google_chrome_prior_to_60.0.3112.78_for_mac,_windows,_linux_and

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:google_chrome_prior_to_60.0.3112.78_for_mac,_windows,_linux_and_android:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Google Chrome Prior To 60.0.3112.78 For Mac, Windows, Linux And Android (`5fcdae20-42ec-5015-b8a7-0baee6a92ece`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-5110`	vulnerable	2026-06-08 05:09:39.140979	Details available Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.503Z Open on db.gcve.eu Reference links https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950 https://access.redhat.com/errata/RHSA-2017:1833	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5108`	vulnerable	2026-06-08 05:09:39.139965	Details available Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.357Z Open on db.gcve.eu Reference links https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://crbug.com/695830 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5106`	vulnerable	2026-06-08 05:09:39.138944	Details available Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.421Z Open on db.gcve.eu Reference links https://crbug.com/714628 https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5105`	vulnerable	2026-06-08 05:09:39.138328	Details available Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.429Z Open on db.gcve.eu Reference links https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://crbug.com/729979 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5102`	vulnerable	2026-06-08 05:09:39.136711	Details available Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.399Z Open on db.gcve.eu Reference links https://crbug.com/727678 https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5098`	vulnerable	2026-06-08 05:09:39.132826	Details available A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.465Z Open on db.gcve.eu Reference links https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950 https://access.redhat.com/errata/RHSA-2017:1833	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5094`	vulnerable	2026-06-08 05:09:39.125111	Details available Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.519Z Open on db.gcve.eu Reference links https://crbug.com/702946 https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5093`	vulnerable	2026-06-08 05:09:39.124464	Details available Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page. Published: 2017-10-27T05:00:00.000Z Updated: 2024-08-05T14:47:44.362Z Open on db.gcve.eu Reference links https://crbug.com/550017 https://security.gentoo.org/glsa/201709-15 http://www.debian.org/security/2017/dsa-3926 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html http://www.securityfocus.com/bid/99950	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Google Chrome Prior To 60.0.3112.78 For Mac, Windows, Linux And Android

PURL mappings

Vulnerability references

Contribute