cvedb.io
CVE-2016-1677
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2016-06-05T23:59:05.927 · Last modified 2026-06-17T00:42:24.100

Summary

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

Affected products

google — chrome

Does this affect you?

Add your gear to cvedb and we'll alert you only when google ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.