Описание
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 71.0.3578.80-0ubuntu0.18.04.1 |
| cosmic | released | 71.0.3578.80-0ubuntu0.18.10.1 |
| devel | released | 71.0.3578.80-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [no longer updated]] |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [no longer updated] |
| upstream | released | 71.0.3578.80 |
| xenial | released | 71.0.3578.80-0ubuntu0.16.04.1 |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.
Lack of proper validation of ancestor frames site when sending lax coo ...
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.
Уязвимость браузера Google Chrome, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю обойти политику Cookie SameSite
4.3 Medium
CVSS2
6.5 Medium
CVSS3