2 matches found
SUSE CVE-2015-3752
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...
Google Chrome Content Security Policy Access Restriction Bypass Vulnerability (CNVD-2015-07972)
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the 'CSPSource::hostMatches' function in the WebKit/Source/core/frame/csp/CSPSource.cpp file in the Content Security Policy CSP implementation of Google Chrome prior to 47.0.2526.73,...