Launchpad CVE tracker

CVE 2014-3188

Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h.

Related bugs and status

CVE-2014-3188 (Candidate) is related to these bugs:

Bug #1310163: chromium-browser with multiple tabs crashes on startup in KDE environment

Summary				In	Importance	Status
	1310163	chromium-browser with multiple tabs crashes on startup in KDE environment		chromium-browser (Ubuntu)	High	Fix Released
	1310163	chromium-browser with multiple tabs crashes on startup in KDE environment		Chromium Browser	Unknown	Unknown

Bug #1373802: Regression: chromium-browser no longer loads policies in 37.0.2062.120-0ubuntu0.14.04.1~pkg1049

Summary				In	Importance	Status
	1373802	Regression: chromium-browser no longer loads policies in 37.0.2062.120-0ubuntu0.14.04.1~pkg1049		chromium-browser (Ubuntu)	Critical	Fix Released

Bug #1381644: CHROMIUM_USER_FLAGS environment variable is ignored

Summary				In	Importance	Status
	1381644	CHROMIUM_USER_FLAGS environment variable is ignored		chromium-browser (Ubuntu)	High	Fix Released

Bug #1386455: Chromium 37 has 159 known security issues

Summary				In	Importance	Status
	1386455	Chromium 37 has 159 known security issues		chromium-browser (Ubuntu)	Critical	Fix Released

Bug #1837038: Broken and defunct libv8-3.14 urgently needs removal

Summary				In	Importance	Status
	1837038	Broken and defunct libv8-3.14 urgently needs removal		libv8-3.14 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-3188

References