7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.2%
Google Chrome Releases reports:
29 security fixes in this release, including:
[516377] High CVE-2015-1291: Cross-origin bypass in DOM. Credit
to anonymous.
[522791] High CVE-2015-1292: Cross-origin bypass in
ServiceWorker. Credit to Mariusz Mlynski.
[524074] High CVE-2015-1293: Cross-origin bypass in DOM. Credit
to Mariusz Mlynski.
[492263] High CVE-2015-1294: Use-after-free in Skia. Credit
to cloudfuzzer.
[502562] High CVE-2015-1295: Use-after-free in Printing. Credit
to anonymous.
[421332] High CVE-2015-1296: Character spoofing in omnibox.
Credit to zcorpan.
[510802] Medium CVE-2015-1297: Permission scoping error in
Webrequest. Credit to Alexander Kashev.
[518827] Medium CVE-2015-1298: URL validation error in
extensions. Credit to Rob Wu.
[416362] Medium CVE-2015-1299: Use-after-free in Blink. Credit
to taro.suzuki.dev.
[511616] Medium CVE-2015-1300: Information leak in Blink. Credit
to cgvwzq.
[526825] CVE-2015-1301: Various fixes from internal audits,
fuzzing and other initiatives.