VDB
CVE-2014-1730
CVE-2014-1730
PUBLISHED
Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc.
EPSS 0.94% · 76.6th percentile
Risk Scores
EPSS Score
0.94%
76.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | libv8-3.14 | 3.14.5.8-5ubuntu2, 0 |
| Ubuntu:14.04:LTS | oxide-qt | 0, 1.0.0~bzr437-0ubuntu1, 1.0.0~bzr452-0ubuntu1 |
| Ubuntu:14.04:LTS | chromium-browser | 29.0.1547.65-0ubuntu2, 33.0.1750.152-0ubuntu1~pkg995.1, 34.0.1847.116-0ubuntu2 |
| Ubuntu:18.04:LTS | libv8-3.14 | 3.14.5.8-11ubuntu1, 0 |
Timeline
- Apr 26, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2014-1730 third-party-advisory
- https://code.google.com/p/v8/source/detail?r=20595 third-party-advisory
- https://code.google.com/p/v8/source/detail?r=20593 third-party-advisory
- https://code.google.com/p/v8/source/detail?r=20388 third-party-advisory
- https://code.google.com/p/v8/source/detail?r=20377 third-party-advisory
- https://code.google.com/p/v8/source/detail?r=20375 third-party-advisory
- https://code.google.com/p/chromium/issues/detail?id=354967 third-party-advisory
- http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html third-party-advisory
- https://ubuntu.com/security/notices/USN-2298-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2014-1730 third-party-advisory