VDB

CVE-2016-5224

CVE-2016-5224 PUBLISHED

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page.

EPSS 0.23% · 46.1th percentile

Risk Scores

EPSS Score
0.23%
46.1th percentile

Affected Products

VendorProductVersions
Ubuntu:14.04:LTSoxide-qt1.17.7-0ubuntu0.14.04.1, 1.9.1-0ubuntu0.14.04.2, 1.10.3-0ubuntu0.14.04.1
Ubuntu:16.04:LTSoxide-qt1.13.6-0ubuntu1, 1.14.7-0ubuntu1, 1.14.9-0ubuntu0.16.04.1
Ubuntu:16.04:LTSchromium-browser49.0.2623.87-0ubuntu1.1232, 47.0.2526.106-0ubuntu1.1221, 49.0.2623.108-0ubuntu1.1233
Ubuntu:14.04:LTSchromium-browser*, 31.0.1650.63-0ubuntu1~20131204.1, 32.0.1700.107-0ubuntu1~20140204.977.1

Timeline

  • Dec 2, 2016 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • May 25, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›