Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-5018

Опубликовано: 17 фев. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.1

Описание

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

РелизСтатусПримечание
devel

released

56.0.2924.76-0ubuntu2.1343
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [58.0.3029.81-0ubuntu0.14.04.1172]]
precise

ignored

trusty

released

58.0.3029.81-0ubuntu0.14.04.1172
trusty/esm

DNE

trusty was released [58.0.3029.81-0ubuntu0.14.04.1172]
upstream

released

56.0.2924.76
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

released

56.0.2924.76-0ubuntu0.16.04.1268
yakkety

released

56.0.2924.76-0ubuntu0.16.10.1335

Показывать по

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
esm-infra/xenial

not-affected

precise

DNE

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

not-affected

vivid/stable-phone-overlay

not-affected

vivid/ubuntu-core

DNE

xenial

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 63%
0.00443
Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-5018

CVSS3: 6.5
redhat
около 9 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

nvd логотип

CVE-2017-5018

CVSS3: 6.1
nvd
почти 9 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

debian логотип

CVE-2017-5018

CVSS3: 6.1
debian
почти 9 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56 ...

github логотип

GHSA-6xg6-mxpp-jx88

CVSS3: 6.1
github
больше 3 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

suse-cvrf логотип

openSUSE-SU-2017:0499-1

suse-cvrf
почти 9 лет назад

Security update of chromium

EPSS

Процентиль: 63%
0.00443
Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3