WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document.
Metrics
Affected Vendors & Products
References
History
Fri, 11 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: Chrome
Published: 2016-03-13T22:00:00
Updated: 2024-08-05T23:02:12.847Z
Reserved: 2016-01-12T00:00:00
Link: CVE-2016-1644

No data.

Status : Deferred
Published: 2016-03-13T22:59:03.997
Modified: 2025-04-12T10:46:40.837
Link: CVE-2016-1644
