suse · CVE-2016-1663

Quick triage

Priority: high 公開: 2021-05-30 13:38:18 UTC Updated: 2026-04-18 18:02:04 UTC

参照: Official suse advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-1663 severity important: SUSE including 10 source package names (chromedriver-147.0.7727.55-bp156.2.260.1, chromedriver-55.0.2883.75-3.1, …), 12 product×package rows across 7 product lines (SUSE Package Hub 15 SP6, openSUSE Leap 15.0, … (7 product lines)): Fixed 12.

Description:

The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.

cvelogic Threat Intelligence