UBUNTU-CVE-2014-3188

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2014-3188

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-3188.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-3188

Upstream

CVE-2014-3188

Downstream

USN-2345-1

Related

USN-2345-1

Published

2014-10-08T00:00:00Z

Modified

2026-04-22T09:39:03.978818Z

Severity

Ubuntu - medium

Summary

[none]

Details

Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h.

References

Affected packages

Ubuntu:14.04:LTS / chromium-browser

Package

Name: chromium-browser
Purl: pkg:deb/ubuntu/chromium-browser@38.0.2125.111-0ubuntu0.14.04.1.1061?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

38.0.2125.111-0ubuntu0.14.04.1.1061

Affected versions

29.*

29.0.1547.65-0ubuntu2

31.*

31.0.1650.63-0ubuntu1~20131204.1

32.*

32.0.1700.107-0ubuntu1~20140204.977.1

33.*

33.0.1750.152-0ubuntu1~pkg995.1

34.*

34.0.1847.116-0ubuntu2

36.*

36.0.1985.125-0ubuntu1.14.04.0~pkg1029

37.*

37.0.2062.94-0ubuntu0.14.04.1~pkg1042

37.0.2062.120-0ubuntu0.14.04.1~pkg1049

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "chromium-browser",
            "binary_version": "38.0.2125.111-0ubuntu0.14.04.1.1061"
        },
        {
            "binary_name": "chromium-browser-l10n",
            "binary_version": "38.0.2125.111-0ubuntu0.14.04.1.1061"
        },
        {
            "binary_name": "chromium-chromedriver",
            "binary_version": "38.0.2125.111-0ubuntu0.14.04.1.1061"
        },
        {
            "binary_name": "chromium-codecs-ffmpeg",
            "binary_version": "38.0.2125.111-0ubuntu0.14.04.1.1061"
        },
        {
            "binary_name": "chromium-codecs-ffmpeg-extra",
            "binary_version": "38.0.2125.111-0ubuntu0.14.04.1.1061"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-3188.json"

Ubuntu:16.04:LTS / libv8-3.14

Package

Name: libv8-3.14
Purl: pkg:deb/ubuntu/libv8-3.14@3.14.5.8-5ubuntu2?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.14.5.8-5ubuntu2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libv8-3.14.5",
            "binary_version": "3.14.5.8-5ubuntu2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-3188.json"

Ubuntu:18.04:LTS / libv8-3.14

Package

Name: libv8-3.14
Purl: pkg:deb/ubuntu/libv8-3.14@3.14.5.8-11ubuntu1?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.14.5.8-11ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libv8-3.14.5",
            "binary_version": "3.14.5.8-11ubuntu1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-3188.json"