Описание
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 107.0.5304.87-0ubuntu11.18.04.1 |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| kinetic | not-affected | code not present |
| trusty | ignored | end of standard support |
| upstream | released | 105.0.5195.125 |
| xenial | ignored | end of standard support |
Показывать по
Ссылки на источники
EPSS
5.4 Medium
CVSS3
Связанные уязвимости
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)
Insufficient validation of untrusted input in DevTools in Google Chrom ...
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.
Уязвимость набора инструментов для веб-разработчиков Developer Tools веб-браузера Google Chrome, позволяющая нарушителю выполнить произвольный код
EPSS
5.4 Medium
CVSS3