CVE-2016-5168Origin Validation Error in Google Chrome

CWE-346Origin Validation Error4 documents4 sources
Severity
7.5HIGHNVD
EPSS
9.6%
top 7.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedApr 21
Latest updateMay 17

Description

Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDgoogle/chrome50.0.2661.91

🔴Vulnerability Details

2
GHSA
GHSA-q9q7-484c-gjr6: Skia, as used in Google Chrome before 502022-05-17
OSV
CVE-2016-5168: Skia, as used in Google Chrome before 502017-04-21

💬Community

1
Bugzilla
CVE-2016-3981 optipng: heap buffer overflow in the bmp_read_rows function2016-04-14