CVE-2016-1646
chromium-browser - security update
⚠ KEVEPSS 66.9%
Description
Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
How to fix CVE-2016-1646
To remediate CVE-2016-1646, upgrade the affected package to a fixed version below.
- Debian/chromium-browser—upgrade to 49.0.2623.108-1~deb8u1 or later
Is CVE-2016-1646 being exploited?
Yes — CVE-2016-1646 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (1)
- from 0, < 49.0.2623.108-1~deb8u1