exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2016-5135

больше 9 лет назад

WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "<META name='referrer' content='no-referrer'>" element.

CVSS3: 6.5

EPSS: Низкий

CVE-2016-5135

больше 9 лет назад

CVSS3: 6.5

EPSS: Низкий

CVE-2016-5135

больше 9 лет назад

CVSS3: 6.5

EPSS: Низкий

CVE-2016-5135

больше 9 лет назад

WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as use ...

CVSS3: 6.5

EPSS: Низкий

GHSA-x3g5-jvhp-53rw

больше 3 лет назад

CVSS3: 6.5

EPSS: Низкий

BDU:2016-02104

больше 9 лет назад

Уязвимость браузера Google Chrome, позволяющая нарушителю обойти настройки защитного механизма CSP

CVSS2: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2016-5135 WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "<META name='referrer' content='no-referrer'>" element.	CVSS3: 6.5	0% Низкий	больше 9 лет назад
CVE-2016-5135 WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "<META name='referrer' content='no-referrer'>" element.	CVSS3: 6.5	0% Низкий	больше 9 лет назад
CVE-2016-5135 WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "<META name='referrer' content='no-referrer'>" element.	CVSS3: 6.5	0% Низкий	больше 9 лет назад
CVE-2016-5135 WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as use ...	CVSS3: 6.5	0% Низкий	больше 9 лет назад
GHSA-x3g5-jvhp-53rw WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "<META name='referrer' content='no-referrer'>" element.	CVSS3: 6.5	0% Низкий	больше 3 лет назад
BDU:2016-02104 Уязвимость браузера Google Chrome, позволяющая нарушителю обойти настройки защитного механизма CSP	CVSS2: 4.3	0% Низкий	больше 9 лет назад

Уязвимостей на страницу