Описание
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)
Ссылки
- Vendor Advisory
- Permissions Required
Уязвимые конфигурации
Конфигурация 1Версия до 148.0.7778.216 (исключая)
Одновременно
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 148.0.7778.215 (исключая)
Одновременно
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 1%
0.00107
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-346
Связанные уязвимости
CVSS3: 9.3
redhat
около 1 месяца назад
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)
CVSS3: 6.3
debian
29 дней назад
Inappropriate implementation in Media in Google Chrome prior to 148.0. ...
CVSS3: 6.3
github
29 дней назад
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)
EPSS
Процентиль: 1%
0.00107
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-346