CVE-2017-5118

Опубликовано: 27 окт. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 4.3

Описание

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page.

Релиз	Статус	Примечание
artful	released	61.0.3163.100-0ubuntu1.1378
bionic	released	61.0.3163.100-0ubuntu1.1378
cosmic	released	61.0.3163.100-0ubuntu1.1378
devel	released	61.0.3163.100-0ubuntu1.1378
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [61.0.3163.100-0ubuntu0.14.04.1202]]
precise/esm	DNE
trusty	released	61.0.3163.100-0ubuntu0.14.04.1202
trusty/esm	DNE	trusty was released [61.0.3163.100-0ubuntu0.14.04.1202]
upstream	released	61.0.3163.79
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]]
esm-infra/xenial	ignored	Ubuntu touch end-of-life
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [Ubuntu touch end-of-life]
upstream	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 69%

0.00606

Низкий

4.3 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-5118

CVSS3: 6.5

redhat

больше 8 лет назад

CVE-2017-5118

CVSS3: 4.3

nvd

больше 8 лет назад

CVE-2017-5118

CVSS3: 4.3

debian

больше 8 лет назад

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Lin ...

GHSA-4rqg-fm5f-cc59

CVSS3: 4.3

github

больше 3 лет назад

EPSS

Процентиль: 69%

0.00606

Низкий

4.3 Medium

CVSS2

4.3 Medium

CVSS3

CVE-2017-5118

Описание

Пакет chromium-browser

Пакет oxide-qt

Ссылки на источники

Связанные уязвимости