View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-9651 medium priority: Ubuntu including 4 source packages (chromium-browser, libv8, libv8-3.14, oxide-qt), 36 status rows across 9 suites (artful, bionic, cosmic, precise, trusty, upstream, xenial, yakkety, zesty): released 14, DNE 12, ignored 8, needed 1, needs-triage 1.
A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.