Описание
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
Ссылки
- Release NotesVendor Advisory
- Permissions Required
Уязвимые конфигурации
Конфигурация 1Версия до 146.0.7680.71 (исключая)
Одновременно
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 7%
0.00025
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-284
Связанные уязвимости
CVSS3: 4.3
redhat
16 дней назад
An insufficient policy enforcement flaw was found in the DevTools component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=470574526
CVSS3: 5.3
debian
14 дней назад
Insufficient policy enforcement in DevTools in Google Chrome prior to ...
CVSS3: 5.3
github
14 дней назад
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
EPSS
Процентиль: 7%
0.00025
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-284