CVE-2016-5192

Опубликовано: 18 дек. 2016

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.5

Описание

Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages.

Релиз	Статус	Примечание
devel	released	55.0.2883.87-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [58.0.3029.81-0ubuntu0.14.04.1172]]
precise	ignored
trusty	released	58.0.3029.81-0ubuntu0.14.04.1172
trusty/esm	DNE	trusty was released [58.0.3029.81-0ubuntu0.14.04.1172]
upstream	released	54.0.2840.59
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	55.0.2883.87-0ubuntu0.16.04.1263
yakkety	released	55.0.2883.87-0ubuntu0.16.10.1328

Показывать по

Релиз	Статус	Примечание
devel	released	1.19.6-0ubuntu2
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1.18.3-0ubuntu0.14.04.1]]
esm-infra/xenial	released	1.18.3-0ubuntu0.16.04.1
precise	DNE
trusty	released	1.18.3-0ubuntu0.14.04.1
trusty/esm	DNE	trusty was released [1.18.3-0ubuntu0.14.04.1]
upstream	released	1.18.3
vivid/stable-phone-overlay	released	1.19.7-0ubuntu0.15.04.1~overlay1
vivid/ubuntu-core	DNE
xenial	released	1.18.3-0ubuntu0.16.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 47%

0.00242

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2016-5192

CVSS3: 6.5

redhat

больше 9 лет назад

CVE-2016-5192

CVSS3: 6.5

nvd

около 9 лет назад

CVE-2016-5192

CVSS3: 6.5

debian

около 9 лет назад

Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS ...

GHSA-5qph-qrqq-9w48

CVSS3: 6.5

github

больше 3 лет назад

EPSS

Процентиль: 47%

0.00242

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2016-5192

Описание

Пакет chromium-browser

Пакет oxide-qt

Ссылки на источники

Связанные уязвимости