CVE-2015-5605 - Medium Severity Vulnerability
Vulnerable Library - V83.29.93.1
https://github.com/v8/v8.git
Library home page: https://github.com/rsvip/V8.git
Found in base branch: archived-io.js-v0.10
Vulnerable Source Files (9)
node/deps/v8/src/mips/regexp-macro-assembler-mips.cc
node/deps/v8/src/mips64/regexp-macro-assembler-mips64.cc
node/deps/v8/src/ia32/regexp-macro-assembler-ia32.cc
node/deps/v8/src/regexp-macro-assembler.cc
node/deps/v8/src/mips/regexp-macro-assembler-mips.cc
node/deps/v8/src/regexp-macro-assembler.h
node/deps/v8/src/x64/regexp-macro-assembler-x64.cc
node/deps/v8/src/arm/regexp-macro-assembler-arm.cc
node/deps/v8/src/arm/regexp-macro-assembler-arm.cc
Vulnerability Details
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of a stack-overflow exception message.
Publish Date: 2015-07-23
URL: CVE-2015-5605
CVSS 2 Score Details (5.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5605
Release Date: 2015-07-23
Fix Resolution: 4.4.4
Step up your Open Source Security Game with WhiteSource here
CVE-2015-5605 - Medium Severity Vulnerability
https://github.com/v8/v8.git
Library home page: https://github.com/rsvip/V8.git
Found in base branch: archived-io.js-v0.10
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of a stack-overflow exception message.
Publish Date: 2015-07-23
URL: CVE-2015-5605
Base Score Metrics not available
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5605
Release Date: 2015-07-23
Fix Resolution: 4.4.4
Step up your Open Source Security Game with WhiteSource here