Описание
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 72.0.3626.119-0ubuntu0.18.04.1 |
| cosmic | released | 72.0.3626.119-0ubuntu0.18.10.1 |
| devel | released | 72.0.3626.81-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [no longer updated]] |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [no longer updated] |
| upstream | released | 72.0.3626.81 |
| xenial | released | 72.0.3626.119-0ubuntu0.16.04.1 |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
DevTools API not correctly gating on extension capability in DevTools ...
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
Уязвимость набора инструментов DevTools веб-браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к информации
4.3 Medium
CVSS2
6.5 Medium
CVSS3