{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-24T00:00:00", "descriptions": [{"lang": "en", "value": "Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging \"type confusion\" and reading property values, related to i18n.js and runtime.cc."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-04T20:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"name": "58301", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/58301"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/v8/source/detail?r=20388"}, {"name": "openSUSE-SU-2014:0669", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/v8/source/detail?r=20593"}, {"name": "GLSA-201408-16", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "60372", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60372"}, {"name": "openSUSE-SU-2014:0668", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html"}, {"name": "DSA-2920", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2920"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/v8/source/detail?r=20375"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/v8/source/detail?r=20595"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/chromium/issues/detail?id=354967"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/v8/source/detail?r=20377"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2014-1730", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging \"type confusion\" and reading property values, related to i18n.js and runtime.cc."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "58301", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/58301"}, {"name": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html"}, {"name": "https://code.google.com/p/v8/source/detail?r=20388", "refsource": "CONFIRM", "url": "https://code.google.com/p/v8/source/detail?r=20388"}, {"name": "openSUSE-SU-2014:0669", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html"}, {"name": "https://code.google.com/p/v8/source/detail?r=20593", "refsource": "CONFIRM", "url": "https://code.google.com/p/v8/source/detail?r=20593"}, {"name": "GLSA-201408-16", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "60372", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60372"}, {"name": "openSUSE-SU-2014:0668", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html"}, {"name": "DSA-2920", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2920"}, {"name": "https://code.google.com/p/v8/source/detail?r=20375", "refsource": "CONFIRM", "url": "https://code.google.com/p/v8/source/detail?r=20375"}, {"name": "https://code.google.com/p/v8/source/detail?r=20595", "refsource": "CONFIRM", "url": "https://code.google.com/p/v8/source/detail?r=20595"}, {"name": "https://code.google.com/p/chromium/issues/detail?id=354967", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=354967"}, {"name": "https://code.google.com/p/v8/source/detail?r=20377", "refsource": "CONFIRM", "url": "https://code.google.com/p/v8/source/detail?r=20377"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:50:11.049Z"}, "title": "CVE Program Container", "references": [{"name": "58301", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/58301"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/v8/source/detail?r=20388"}, {"name": "openSUSE-SU-2014:0669", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/v8/source/detail?r=20593"}, {"name": "GLSA-201408-16", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "60372", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60372"}, {"name": "openSUSE-SU-2014:0668", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html"}, {"name": "DSA-2920", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2920"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/v8/source/detail?r=20375"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/v8/source/detail?r=20595"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/chromium/issues/detail?id=354967"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/v8/source/detail?r=20377"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2014-1730", "datePublished": "2014-04-26T10:00:00", "dateReserved": "2014-01-29T00:00:00", "dateUpdated": "2024-08-06T09:50:11.049Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "59F9F3BD-65CD-462B-A3CD-D970F48AABAB", "versionEndExcluding": "34.0.1847.131", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "682715EE-1BA1-4A6B-AEB6-B99257B38A45", "versionEndExcluding": "34.0.1847.132", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging \"type confusion\" and reading property values, related to i18n.js and runtime.cc."}, {"lang": "es", "value": "Google V8, utilizado en Google Chrome anterior a 34.0.1847.131 en Windows y OS X y anterior a 34.0.1847.132 en Linux, no almacena debidamente metadatos de internacionalizaci\u00f3n, lo que permite a atacantes remotos evadir restricciones de acceso mediante el aprovechamiento de \"confusi\u00f3n de tipo\" y la lectura de valores de propiedad, relacionado con i18n.js y runtime.cc."}], "id": "CVE-2014-1730", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-26T10:55:05.433", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://secunia.com/advisories/58301"}, {"source": "chrome-cve-admin@google.com", "url": "http://secunia.com/advisories/60372"}, {"source": "chrome-cve-admin@google.com", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2014/dsa-2920"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/chromium/issues/detail?id=354967"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/v8/source/detail?r=20375"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/v8/source/detail?r=20377"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/v8/source/detail?r=20388"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/v8/source/detail?r=20593"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/v8/source/detail?r=20595"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00049.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00050.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/58301"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60372"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-2920"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/chromium/issues/detail?id=354967"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/v8/source/detail?r=20375"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/v8/source/detail?r=20377"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/v8/source/detail?r=20388"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/v8/source/detail?r=20593"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/v8/source/detail?r=20595"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-843"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "v8: type confusion issue fixed in Google Chrome 34.0.1847.131", "id": "1091834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091834"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "status": "draft"}, "details": ["Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging \"type confusion\" and reading property values, related to i18n.js and runtime.cc."], "name": "CVE-2014-1730", "package_state": [{"cpe": "cpe:/a:redhat:cloudforms_managementengine:5", "fix_state": "Not affected", "package_name": "ruby193-v8", "product_name": "CloudForms Management Engine 5"}, {"cpe": "cpe:/a:redhat:openshift:1", "fix_state": "Not affected", "package_name": "ruby193-v8", "product_name": "OpenShift Enterprise 1"}, {"cpe": "cpe:/a:redhat:openshift:2", "fix_state": "Not affected", "package_name": "v8", "product_name": "Red Hat OpenShift Enterprise 2"}, {"cpe": "cpe:/a:redhat:openstack:3", "fix_state": "Not affected", "package_name": "ruby193-v8", "product_name": "Red Hat OpenStack Platform 3"}, {"cpe": "cpe:/a:redhat:openstack:3", "fix_state": "Not affected", "package_name": "v8", "product_name": "Red Hat OpenStack Platform 3"}, {"cpe": "cpe:/a:redhat:openstack:4", "fix_state": "Not affected", "package_name": "ruby193-v8", "product_name": "Red Hat OpenStack Platform 4"}, {"cpe": "cpe:/a:redhat:openstack:4", "fix_state": "Not affected", "package_name": "v8", "product_name": "Red Hat OpenStack Platform 4"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "v8", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:1", "fix_state": "Not affected", "package_name": "v8314-v8", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Not affected", "package_name": "ruby193-v8", "product_name": "Red Hat Subscription Asset Manager"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Not affected", "package_name": "v8", "product_name": "Red Hat Subscription Asset Manager"}], "public_date": "2014-04-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-1730\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-1730"], "threat_severity": "Moderate"}

{}