Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-3377-vrhc-fxf7

Опубликовано: 13 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 6.5

Описание

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

Ссылки

EPSS

Процентиль: 66%
0.00511
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2018-18349

Дефекты

CWE-732

Связанные уязвимости

ubuntu логотип

CVE-2018-18349

CVSS3: 6.5
ubuntu
около 7 лет назад

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

redhat логотип

CVE-2018-18349

CVSS3: 6.5
redhat
около 7 лет назад

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

nvd логотип

CVE-2018-18349

CVSS3: 6.5
nvd
около 7 лет назад

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

debian логотип

CVE-2018-18349

CVSS3: 6.5
debian
около 7 лет назад

Remote frame navigations was incorrectly permitted to local resources ...

fstec логотип

BDU:2019-01247

CVSS3: 6.5
fstec
около 7 лет назад

Уязвимость браузера Google Chrome, связанная с ошибками управления правами, привилегиями и контролем доступа, позволяющая нарушителю получить доступ к файлам в локальной файловой системе с помощью специально созданного расширения

EPSS

Процентиль: 66%
0.00511
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2018-18349

Дефекты

CWE-732