Описание
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
Ссылки
- Release NotesVendor Advisory
- Permissions Required
Уязвимые конфигурации
Конфигурация 1Версия до 146.0.7680.71 (исключая)
Одновременно
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00034
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-602
Связанные уязвимости
CVSS3: 4.3
redhat
16 дней назад
An insufficient policy enforcement flaw was found in the DevTools component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=474670215
CVSS3: 4.3
debian
14 дней назад
Insufficient policy enforcement in DevTools in Google Chrome prior to ...
CVSS3: 4.3
github
14 дней назад
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
EPSS
Процентиль: 10%
0.00034
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-602