Описание
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 103.0.5060.134-0ubuntu0.18.04.1 |
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| impish | not-affected | code not present |
| jammy | not-affected | code not present |
| kinetic | not-affected | code not present |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
Ссылки на источники
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
Chromium: CVE-2022-2160 Insufficient policy enforcement in DevTools
Insufficient policy enforcement in DevTools in Google Chrome on Window ...
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
Уязвимость набора инструментов для веб-разработки DevTools браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю обойти существующие ограничения доступа
EPSS
6.5 Medium
CVSS3