Описание
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| chromium | fixed | 103.0.5060.53-1 | package | |
| chromium | end-of-life | buster | package | |
| chromium | end-of-life | stretch | package |
EPSS
Связанные уязвимости
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
Chromium: CVE-2022-2160 Insufficient policy enforcement in DevTools
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
Уязвимость набора инструментов для веб-разработки DevTools браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю обойти существующие ограничения доступа
EPSS