CVE-2018-6114

Опубликовано: 17 апр. 2018

Источник: redhat

CVSS3: 4.3

Описание

Incorrect enforcement of CSP for tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1568794chromium-browser: CSP bypass

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-6114

CVSS3: 6.5

ubuntu

около 7 лет назад

Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.

CVE-2018-6114

CVSS3: 6.5

nvd

около 7 лет назад

Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.

CVE-2018-6114

CVSS3: 6.5

debian

около 7 лет назад

Incorrect enforcement of CSP for <object> tags in Blink in Google Chro ...

GHSA-m2wv-rjf6-f55w

CVSS3: 6.5

github

больше 3 лет назад

Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.

openSUSE-SU-2018:1042-1

suse-cvrf

почти 8 лет назад

Security update for chromium

4.3 Medium

CVSS3