ubuntu · CVE-2016-9651

Quick triage

Priority: medium Published: 2016-12-06 00:00:00 UTC Updated: 2025-08-25 22:14:37 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-9651 medium priority: Ubuntu including 4 source packages (chromium-browser, libv8, libv8-3.14, oxide-qt), 36 status rows across 9 suites (artful, bionic, cosmic, precise, trusty, upstream, xenial, yakkety, zesty): released 14, DNE 12, ignored 8, needed 1, needs-triage 1.

Description:

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

cvelogic Threat Intelligence