exploitDog

CVE-2026-0628

Опубликовано: 07 янв. 2026

Источник: debian

Описание

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium	fixed	143.0.7499.192-1		package
chromium	end-of-life		bullseye	package

Связанные уязвимости

CVE-2026-0628

CVSS3: 8.8

nvd

28 дней назад

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

CVE-2026-0628

msrc

26 дней назад

Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag

openSUSE-SU-2026:20020-1

suse-cvrf

25 дней назад

Security update for chromium

GHSA-rw66-g8v8-wcwh

CVSS3: 8.8

github

28 дней назад

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

BDU:2026-00887

CVSS3: 8.8

fstec

30 дней назад

Уязвимость компонента для отображения веб-страниц WebView браузера Google Chrome, позволяющая нарушителю выполнить произвольный код