Описание
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 92.0.4515.159-0ubuntu0.18.04.1 |
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| groovy | not-affected | code not present |
| hirsute | not-affected | code not present |
| impish | not-affected | code not present |
| jammy | not-affected | code not present |
| trusty | ignored | end of standard support |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
9.6 Critical
CVSS3
Связанные уязвимости
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
Chromium: CVE-2021-30571 Insufficient policy enforcement in DevTools
Insufficient policy enforcement in DevTools in Google Chrome prior to ...
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
Уязвимость набора инструментов для веб-разработки DevTools веб-браузера Google Chrome, позволяющая нарушителю обойти ограничения безопасности
6.8 Medium
CVSS2
9.6 Critical
CVSS3