Code injection

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

UBUNTU-CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

UBUNTU-CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that stems from insufficient policy enforcement in DevTools. An attacker convinces users to install malicious extensions in order to bypass navigation restrictions via a crafted Chrome extension...

Google Chrome Security Bypass Vulnerability (CNVD-2023-08260)

Google Chrome is a web browser from Google, Inc. A security bypass vulnerability exists in Google Chrome, which is caused by insufficient policy enforcement in DevTools. An attacker could exploit this vulnerability to bypass security restrictions...

Google Chrome < 108.0.5359.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...

CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

PT-2022-6773 · Google · Google Chrome

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 108.0.5359.71 Description: The issue is related to an inappropriate implementation in DevTools, which allowed an attacker to bypass file access restrictions. This could be achieved by convincing a user to insta...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 28 security fixes, including: 1379054 High CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao @Kipreyyy on 2022-10-27 1381401 High CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on...

CVE-2022-4187

CVE-2022-4187 affects Google Chrome/DevTools on Windows prior to 108.0.5359.71, where insufficient policy enforcement in DevTools could allow a remote attacker to bypass filesystem restrictions via a crafted HTML page. The vulnerability is listed with a Chromium/Chrome Medium severity and is amon...

CVE-2022-4189

CVE-2022-4189 relates to Google Chrome/Chromium: Insufficient policy enforcement in DevTools that could let a user who installs a malicious extension bypass navigation restrictions via a crafted Chrome Extension. The issue is documented with a Medium severity (CVSS v3.1 base score 4.3) and is add...

CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

Google Chrome < 108.0.5359.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...

GLSA-202210-16 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-16 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to...

MAL-2022-6269 Malicious code in spring-boot-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c0313226e487a37c9158c78bc620c0306eb778d0aa789677c0c77811785295 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in spring-boot-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c0313226e487a37c9158c78bc620c0306eb778d0aa789677c0c77811785295 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-37609

Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js...

Debian DSA-5244-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5244 advisory. - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install...