Описание
Insufficient policy enforcement in Blink in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Insufficient policy enforcement in Blink in Google Chrome prior to 93.0.4577.63 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-30620
- https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop_31.html
- https://crbug.com/1063518
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-30620
EPSS
Процентиль: 88%
0.04212
Низкий
CVE ID
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 4 лет назад
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
CVSS3: 8.8
nvd
больше 4 лет назад
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
msrc
больше 4 лет назад
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
CVSS3: 8.8
debian
больше 4 лет назад
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
CVSS3: 8.8
fstec
больше 4 лет назад
Уязвимость модуля отображения Blink браузера Microsoft Edge, позволяющая нарушителю обойти существующие ограничения доступа
EPSS
Процентиль: 88%
0.04212
Низкий