CVE-2018-18350

Опубликовано: 04 дек. 2018

Источник: redhat

CVSS3: 6.5

Описание

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1656564chromium-browser: Insufficient policy enforcement in Blink

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2018-18350

CVSS3: 6.5

ubuntu

около 7 лет назад

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

CVE-2018-18350

CVSS3: 6.5

nvd

около 7 лет назад

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

CVE-2018-18350

CVSS3: 6.5

debian

около 7 лет назад

Incorrect handling of CSP enforcement during navigations in Blink in G ...

GHSA-93c8-wm3x-8xw6

CVSS3: 6.5

github

больше 3 лет назад

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

BDU:2019-01263

CVSS3: 6.5

fstec

около 7 лет назад

Уязвимость модуля отображения веб-страниц Blink браузера Google Chrome, связанная с ошибкой обработки данных, позволяющая нарушителю обойти политику безопасности контента

6.5 Medium

CVSS3