Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:google_chrome_prior_to_61.0.3163.79_for_mac,_windows_and_linux,_and_61.0.3163.81_for_android:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductGoogle Chrome Prior To 61.0.3163.79 For Mac, Windows And Linux, And 61.0.3163.81 For Android (22399893-0fdd-51d5-9e09-f11539262bb9)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2017-5120 vulnerable 2026-06-08 05:09:39.164072 Details available
Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could transmit cleartext even though the user had entered an https URL, because of a misdesigned workaround for cases where the domain name in a URL almost matches the domain name in an X.509 server certificate (but differs in the initial "www." substring).
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.442Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-5119 vulnerable 2026-06-08 05:09:39.163616 Details available
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.350Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-5118 vulnerable 2026-06-08 05:09:39.163084 Details available
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.468Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-5116 vulnerable 2026-06-08 05:09:39.159085 Details available
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.461Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-5113 vulnerable 2026-06-08 05:09:39.155400 Details available
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2017-10-27T05:00:00.000Z
Updated: 2024-08-05T14:47:44.397Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.