Astra Linux - уязвимость в chromium

Insufficient data validation in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...

CVE-2022-50785 fsi: occ: Prevent use after free

In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use getdevice and putdevice in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the device buffer and check...

ROS-20251110-03

Vulnerability in Google Chrome browser is related to insufficient input data validation when processing DOM elements. Exploitation of the vulnerability allows a remote attacker to launch a spoofing attack or cause a denial of service. Spoofing attack or cause a denial of service Vulnerability in...

Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory.

Impact A maliciously crafted archive may allow an attacker to create a symlink outside the extraction target directory. Patches Please use version 4.0.0 or later github.com/codeclysm/extract/v4. Any previous version is affected by the bug. Workarounds No knows workarounds. Backward compatibility...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 112.0.5615.49, which stemmed from insufficient policy enforcement in the File System API...

SUSE CVE-2021-21129

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page...

CVE-2022-3443

Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. Chromium security severity: Low...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome prior to version 106.0.5249.62, which stems from insufficient data validation in the file system API, and can be exploited by remote attackers to bypass file system restrictions via a crafted HTML pa...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google Inc. in the United States. A security vulnerability exists in Google Chrome that stems from insufficient policy enforcement in the file system API...

Google Chrome 权限许可和访问控制问题漏洞

Google Chrome is a web browser from Google, Inc. A privilege permission and access control issue vulnerability exists in Google Chrome versions 70.0.3538.67 through 101.0.4951.67, which stems from insufficient policy enforcement in the file system API. A remote attacker could exploit the...

DEBIAN-CVE-2021-21141

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page...

Google Chrome Backlink Vulnerability

Google Chrome is a web browser from Google, Inc. in the United States. A backlink vulnerability previously existed in Google Chromium version 88.0.4324.96, which stemmed from the discovery of insufficient policy enforcement security in the program's file system API component...