Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-6091

Опубликовано: 17 апр. 2018
Источник: redhat
CVSS3: 8.8
EPSS Низкий

Описание

Service Workers can intercept any request made by an <embed> or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=1568767chromium-browser: Incorrect handling of plug-ins by Service Worker

EPSS

Процентиль: 78%
0.01102
Низкий

8.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-6091

CVSS3: 6.5
ubuntu
около 7 лет назад

Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

nvd логотип

CVE-2018-6091

CVSS3: 6.5
nvd
около 7 лет назад

Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

debian логотип

CVE-2018-6091

CVSS3: 6.5
debian
около 7 лет назад

Service Workers can intercept any request made by an <embed> or <objec ...

github логотип

GHSA-ww3h-5r3v-47xr

CVSS3: 6.5
github
больше 3 лет назад

Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

suse-cvrf логотип

openSUSE-SU-2018:1042-1

suse-cvrf
почти 8 лет назад

Security update for chromium

EPSS

Процентиль: 78%
0.01102
Низкий

8.8 High

CVSS3