[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-2992-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":86,"duplicates":87,"related":88,"reserved_at":9,"published_at":107,"modified_at":108,"state":9,"summary":109,"references_raw":111,"kevs":191,"epss":9,"epss_history":192,"metrics":193,"affected":194},"USN-2992-1","oxide-qt vulnerabilities\n\nAn unspecified security issue was discovered in Blink. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to bypass same-origin restrictions.\n(CVE-2016-1673)\n\nAn issue was discovered with Document reattachment in Blink in some\ncircumstances. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to bypass same-origin\nrestrictions. (CVE-2016-1675)\n\nA type confusion bug was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to obtain sensitive information. (CVE-2016-1677)\n\nA heap overflow was discovered in V8. If a user were tricked in to opening\na specially crafted website, an attacker could potentially exploit this to\ncause a denial of service (application crash) or execute arbitrary code.\n(CVE-2016-1678)\n\nA use-after-free was discovered in the V8ValueConverter implementation in\nChromium in some circumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\ncause a denial of service (application crash) or execute arbitrary code.\n(CVE-2016-1679)\n\nA use-after-free was discovered in Skia. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service (application crash) or execute arbitrary\ncode. (CVE-2016-1680)\n\nA security issue was discovered in ServiceWorker registration in Blink in\nsome circumstances. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to bypass\nContent Security Policy (CSP) protections. (CVE-2016-1682)\n\nAn out-of-bounds memory access was discovered in libxslt. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service (application crash)\nor execute arbitrary code. (CVE-2016-1683)\n\nAn integer overflow was discovered in libxslt. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service (application crash or resource\nconsumption). (CVE-2016-1684)\n\nAn out-of-bounds read was discovered in the regular expression\nimplementation in V8. If a user were tricked in to opening a specially\ncrafted website, an attacker could potentially exploit this to cause a\ndenial of service (application crash). (CVE-2016-1688)\n\nA heap overflow was discovered in Chromium. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service (application crash) or execute arbitrary\ncode. (CVE-2016-1689)\n\nA heap overflow was discovered in Skia. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service (application crash) or execute arbitrary\ncode. (CVE-2016-1691)\n\nIt was discovered that Blink permits cross-origin loading of stylesheets\nby a service worker even when the stylesheet download has an incorrect\nMIME type. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to bypass same-origin\nrestrictions. (CVE-2016-1692)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service (application crash) or execute arbitrary code. (CVE-2016-1695,\nCVE-2016-1703)\n\nIt was discovered that Blink does not prevent frame navigation during\nDocumentLoader detach operations. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\nbypass same-origin restrictions. (CVE-2016-1697)\n\nA parameter sanitization bug was discovered in the devtools subsystem in\nBlink. An attacker could potentially exploit this to bypass intended\naccess restrictions. (CVE-2016-1699)\n\nAn out-of-bounds read was discovered in Skia. If a user were tricked in\nto opening a specially crafted website, an attacker could potentially\nexploit this to cause a denial of service (application crash).\n(CVE-2016-1702)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84],{"_key":15},"CVE-2016-1673",{"_key":17},"CVE-2016-1675",{"_key":19},"CVE-2016-1677",{"_key":21},"CVE-2016-1678",{"_key":23},"CVE-2016-1679",{"_key":25},"CVE-2016-1680",{"_key":27},"CVE-2016-1682",{"_key":29},"CVE-2016-1683",{"_key":31},"CVE-2016-1684",{"_key":33},"CVE-2016-1688",{"_key":35},"CVE-2016-1689",{"_key":37},"CVE-2016-1691",{"_key":39},"CVE-2016-1692",{"_key":41},"CVE-2016-1695",{"_key":43},"CVE-2016-1697",{"_key":45},"CVE-2016-1699",{"_key":47},"CVE-2016-1702",{"_key":49},"CVE-2016-1703",{"_key":51},"UBUNTU-CVE-2016-1673",{"_key":53},"UBUNTU-CVE-2016-1675",{"_key":55},"UBUNTU-CVE-2016-1677",{"_key":57},"UBUNTU-CVE-2016-1678",{"_key":59},"UBUNTU-CVE-2016-1679",{"_key":61},"UBUNTU-CVE-2016-1680",{"_key":63},"UBUNTU-CVE-2016-1682",{"_key":65},"UBUNTU-CVE-2016-1683",{"_key":67},"UBUNTU-CVE-2016-1684",{"_key":69},"UBUNTU-CVE-2016-1688",{"_key":71},"UBUNTU-CVE-2016-1689",{"_key":73},"UBUNTU-CVE-2016-1691",{"_key":75},"UBUNTU-CVE-2016-1692",{"_key":77},"UBUNTU-CVE-2016-1695",{"_key":79},"UBUNTU-CVE-2016-1697",{"_key":81},"UBUNTU-CVE-2016-1699",{"_key":83},"UBUNTU-CVE-2016-1702",{"_key":85},"UBUNTU-CVE-2016-1703",[],[],[89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106],{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},"2016-06-06T15:26:12Z","2026-04-22T09:25:10.430077Z",{"cisa_kev":110,"cisa_ransomware":110,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[112,118,123,127,131,135,139,143,147,151,155,159,163,167,171,175,179,183,187],{"url":113,"sources":114,"tags":116},"https://ubuntu.com/security/notices/USN-2992-1",[115],"osv_ubuntu",[117],"Advisory",{"url":119,"sources":120,"tags":121},"https://ubuntu.com/security/CVE-2016-1673",[115],[122],"REPORT",{"url":124,"sources":125,"tags":126},"https://ubuntu.com/security/CVE-2016-1675",[115],[122],{"url":128,"sources":129,"tags":130},"https://ubuntu.com/security/CVE-2016-1677",[115],[122],{"url":132,"sources":133,"tags":134},"https://ubuntu.com/security/CVE-2016-1678",[115],[122],{"url":136,"sources":137,"tags":138},"https://ubuntu.com/security/CVE-2016-1679",[115],[122],{"url":140,"sources":141,"tags":142},"https://ubuntu.com/security/CVE-2016-1680",[115],[122],{"url":144,"sources":145,"tags":146},"https://ubuntu.com/security/CVE-2016-1682",[115],[122],{"url":148,"sources":149,"tags":150},"https://ubuntu.com/security/CVE-2016-1683",[115],[122],{"url":152,"sources":153,"tags":154},"https://ubuntu.com/security/CVE-2016-1684",[115],[122],{"url":156,"sources":157,"tags":158},"https://ubuntu.com/security/CVE-2016-1688",[115],[122],{"url":160,"sources":161,"tags":162},"https://ubuntu.com/security/CVE-2016-1689",[115],[122],{"url":164,"sources":165,"tags":166},"https://ubuntu.com/security/CVE-2016-1691",[115],[122],{"url":168,"sources":169,"tags":170},"https://ubuntu.com/security/CVE-2016-1692",[115],[122],{"url":172,"sources":173,"tags":174},"https://ubuntu.com/security/CVE-2016-1695",[115],[122],{"url":176,"sources":177,"tags":178},"https://ubuntu.com/security/CVE-2016-1697",[115],[122],{"url":180,"sources":181,"tags":182},"https://ubuntu.com/security/CVE-2016-1699",[115],[122],{"url":184,"sources":185,"tags":186},"https://ubuntu.com/security/CVE-2016-1702",[115],[122],{"url":188,"sources":189,"tags":190},"https://ubuntu.com/security/CVE-2016-1703",[115],[122],[],[],[],[195],{"ecosystem":196,"name":197,"vendor":198,"product":197,"cpe_part":9,"purl_type":199,"purl_namespace":198,"purl_name":197,"source":9,"versions":200},"Ubuntu","oxide-qt","ubuntu","deb",[201,207],{"version":202,"is_range":203,"range_type":204,"version_start":9,"version_start_type":9,"version_end":205,"version_end_type":206,"fixed_in":9},"lt1_15_7_0ubuntu0_14_04_1",true,"ecosystem","1.15.7-0ubuntu0.14.04.1","excluding",{"version":208,"is_range":203,"range_type":204,"version_start":9,"version_start_type":9,"version_end":209,"version_end_type":206,"fixed_in":9},"lt1_15_7_0ubuntu0_16_04_1","1.15.7-0ubuntu0.16.04.1"]