5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.7%
A scheme validation error in WebUI (CVE-2015-1266). Two cross-origin bypass issues in Blink (CVE-2015-1267, CVE-2015-1268). A normalization error in the HSTS/HPKP preload list (CVE-2015-1269). This update also disables the automatic, silent downloading and installation of “external components” like the hotword extension.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | chromium-browser-stable | < 43.0.2357.130-1 | chromium-browser-stable-43.0.2357.130-1.mga4 |
Mageia | 5 | noarch | chromium-browser-stable | < 43.0.2357.130-1 | chromium-browser-stable-43.0.2357.130-1.mga5 |