Описание
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 89.0.4389.82-0ubuntu0.18.04.1 |
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| groovy | not-affected | code not present |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | released |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
Chromium CVE-2021-21133: Insufficient policy enforcement in Downloads
Insufficient policy enforcement in Downloads in Google Chrome prior to ...
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
Уязвимость функции Downloads веб-браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения безопасности
4.3 Medium
CVSS2
6.5 Medium
CVSS3