2 matches found
UBUNTU-CVE-2022-46873
Because Firefox did not implement the unsafe-hashes CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome versions prior to 108.0.5359.71 suffer from a security vulnerability in the use of Audio after release, which can be exploited by an attacker to launch an attack via a specially crafted Chrome Extension exploiting heap...