Описание
Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 55.0.2883.87-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [58.0.3029.81-0ubuntu0.14.04.1172]] |
| precise | ignored | |
| trusty | released | 58.0.3029.81-0ubuntu0.14.04.1172 |
| trusty/esm | DNE | trusty was released [58.0.3029.81-0ubuntu0.14.04.1172] |
| upstream | released | 55.0.2883.75 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 55.0.2883.87-0ubuntu0.16.04.1263 |
| yakkety | released | 55.0.2883.87-0ubuntu0.16.10.1328 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.19.6-0ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.19.4-0ubuntu0.14.04.1]] |
| esm-infra/xenial | released | 1.19.4-0ubuntu0.16.04.1 |
| precise | DNE | |
| trusty | released | 1.19.4-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1.19.4-0ubuntu0.14.04.1] |
| upstream | released | 1.19.4 |
| vivid/stable-phone-overlay | released | 1.19.7-0ubuntu0.15.04.1~overlay1 |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1.19.4-0ubuntu0.16.04.1 |
Показывать по
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Leaking of an SVG shadow tree leading to corruption of the DOM tree in ...
Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Уязвимость браузера Google Chrome, позволяющая нарушителю получить сведения об интеграционной платформе и операционной системе
4.3 Medium
CVSS2
6.1 Medium
CVSS3