Search for vulnerabilities
Vulnerability details: VCID-fp16-4yjf-aaaa
Vulnerability ID VCID-fp16-4yjf-aaaa
Aliases CVE-2017-5121
Summary Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-20 Improper Input Validation
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5121.html
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5121.json
epss 0.02455 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02455 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02455 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.02599 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03642 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03829 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03867 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.03867 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04077 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.04584 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.06617 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.06617 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.06617 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.06617 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.06617 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.09414 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
epss 0.10549 https://api.first.org/data/v1/epss?cve=CVE-2017-5121
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1494391
generic_textual Medium https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5111
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5112
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5113
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5114
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5115
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5116
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5117
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5118
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5119
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5120
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5121
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5122
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2017-5121
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2017-5121
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2017-5121
archlinux Critical https://security.archlinux.org/AVG-411
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5121.html
https://access.redhat.com/errata/RHSA-2017:2792
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5121.json
https://api.first.org/data/v1/epss?cve=CVE-2017-5121
https://blogs.technet.microsoft.com/mmpc/2017/10/18/browser-security-beyond-sandboxing/
https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
https://crbug.com/765433
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5119
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5122
https://security.gentoo.org/glsa/201709-25
http://www.debian.org/security/2017/dsa-3985
http://www.securityfocus.com/bid/100947
http://www.securitytracker.com/id/1039497
1494391 https://bugzilla.redhat.com/show_bug.cgi?id=1494391
ASA-201709-19 https://security.archlinux.org/ASA-201709-19
AVG-411 https://security.archlinux.org/AVG-411
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
CVE-2017-5121 https://nvd.nist.gov/vuln/detail/CVE-2017-5121
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5121.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5121
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5121
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5121
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.84476
EPSS Score 0.02455
Published At June 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.