10 matches found
SUSE CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...
GHSA-83C3-QX27-2RWR Symfony Allows URI Restrictions Bypass Via Double-Encoded String
On the Symfony 2.0.x version, there's a security issue that allows access to routes protected by a firewall even when the user is not logged in. Both the Routing component and the Security component uses the path returned by getPathInfo to match a Request. The getPathInfo returns a decoded path,...
CRLF Injection
httplib2 is vulnerable to carriage-return line-feed CRLF injection. The vulnerability exists as it fails to restrict the characters , \r, \n in the value of URI...
CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...
DEBIAN-CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...
CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...
chromium-browser: Overly permissive tab access in Extensions
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...
CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...
KLA10443 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. By exploiting these vulnerabilities malicious users can gain privilleges, bypass security and cause denial of service. Below is a complete list of vulnerabilities 1. Improper URI restrictions can be exploited via a URI filesystem;...
Spoofing
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string...