Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-5033

Опубликовано: 09 мар. 2017
Источник: redhat
CVSS3: 6.5

Описание

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1431042chromium-browser: bypass of content security policy in blink

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-5033

CVSS3: 4.3
ubuntu
почти 9 лет назад

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword.

nvd логотип

CVE-2017-5033

CVSS3: 4.3
nvd
почти 9 лет назад

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword.

debian логотип

CVE-2017-5033

CVSS3: 4.3
debian
почти 9 лет назад

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Lin ...

github логотип

GHSA-q3xm-785w-f7gp

CVSS3: 4.3
github
почти 4 года назад

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword.

6.5 Medium

CVSS3