Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-3197

Опубликовано: 08 окт. 2014
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site.

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
lucid

ignored

end of life
precise

not-affected

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

released

38.0.2125.101

Показывать по

РелизСтатусПримечание
devel

released

1.2.5-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.2.5-0ubuntu0.14.04.1]]
lucid

DNE

precise

DNE

trusty

released

1.2.5-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [1.2.5-0ubuntu0.14.04.1]
upstream

released

1.2.5

Показывать по

Ссылки на источники

EPSS

Процентиль: 54%
0.00309
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-3197

redhat
больше 11 лет назад

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site.

nvd логотип

CVE-2014-3197

nvd
больше 11 лет назад

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site.

debian логотип

CVE-2014-3197

debian
больше 11 лет назад

The NavigationScheduler::schedulePageBlock function in core/loader/Nav ...

github логотип

GHSA-wmjx-mph9-7xgg

github
больше 3 лет назад

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site.

EPSS

Процентиль: 54%
0.00309
Низкий

5 Medium

CVSS2