Описание
Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 62.0.3202.62-0ubuntu0.17.10.1380 |
| bionic | released | 62.0.3202.62-0ubuntu0.17.10.1380 |
| cosmic | released | 62.0.3202.62-0ubuntu0.17.10.1380 |
| devel | released | 62.0.3202.62-0ubuntu0.17.10.1380 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [62.0.3202.62-0ubuntu0.14.04.1204]] |
| precise/esm | DNE | |
| trusty | released | 62.0.3202.62-0ubuntu0.14.04.1204 |
| trusty/esm | DNE | trusty was released [62.0.3202.62-0ubuntu0.14.04.1204] |
| upstream | released | 62.0.3202.62 |
| xenial | released | 62.0.3202.62-0ubuntu0.16.04.1308 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]] |
| esm-infra/xenial | ignored | Ubuntu touch end-of-life |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [Ubuntu touch end-of-life] |
| upstream | needs-triage |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
Insufficient enforcement of Content Security Policy in Blink in Google ...
Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
6.8 Medium
CVSS2
8.8 High
CVSS3