Google Chrome Prior To 61.0.3163.79 For Mac, Windows And Linux, And 61.0.3163.81 For Android
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:google_chrome_prior_to_61.0.3163.79_for_mac,_windows_and_linux,_and_61.0.3163.81_for_android:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Google Chrome Prior To 61.0.3163.79 For Mac, Windows And Linux, And 61.0.3163.81 For Android (22399893-0fdd-51d5-9e09-f11539262bb9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-5120 |
vulnerable | 2026-06-08 05:09:39.164072 |
Details available
Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could transmit cleartext even though the user had entered an https URL, because of a misdesigned workaround for cases where the domain name in a URL almost matches the domain name in an X.509 server certificate (but differs in the initial "www." substring).
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.442Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-5119 |
vulnerable | 2026-06-08 05:09:39.163616 |
Details available
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.350Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-5118 |
vulnerable | 2026-06-08 05:09:39.163084 |
Details available
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.468Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-5116 |
vulnerable | 2026-06-08 05:09:39.159085 |
Details available
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.461Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-5113 |
vulnerable | 2026-06-08 05:09:39.155400 |
Details available
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.397Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.