Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.2 views

SUSE CVE-2019-5838

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

4.3CVSS6.2AI score0.00785EPSS
Exploits0References7
OSV
OSV
added 2022/05/17 5:17 a.m.25 views

GHSA-83C3-QX27-2RWR Symfony Allows URI Restrictions Bypass Via Double-Encoded String

On the Symfony 2.0.x version, there's a security issue that allows access to routes protected by a firewall even when the user is not logged in. Both the Routing component and the Security component uses the path returned by getPathInfo to match a Request. The getPathInfo returns a decoded path,...

6.4CVSS6AI score0.01876EPSS
Exploits0References9
Veracode
Veracode
added 2020/05/21 6:42 a.m.28 views

CRLF Injection

httplib2 is vulnerable to carriage-return line-feed CRLF injection. The vulnerability exists as it fails to restrict the characters , \r, \n in the value of URI...

6.8CVSS3.9AI score0.02593EPSS
Exploits0References17Affected Software4
OSV
OSV
added 2019/06/27 5:15 p.m.6 views

CVE-2019-5838

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

4.3CVSS5.5AI score
Exploits0References8
OSV
OSV
added 2019/06/27 5:15 p.m.1 views

DEBIAN-CVE-2019-5838

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

4.3CVSS8.6AI score0.00785EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/06/27 4:13 p.m.34 views

CVE-2019-5838

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

4.3CVSS6.2AI score0.00785EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2019/06/17 7:38 a.m.8 views

chromium-browser: Overly permissive tab access in Extensions

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

4.3CVSS7.3AI score0.00785EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/06/07 11:51 a.m.17 views

CVE-2019-5838

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

4.3CVSS4.2AI score0.00785EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2015/02/06 12:0 a.m.69 views

KLA10443 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. By exploiting these vulnerabilities malicious users can gain privilleges, bypass security and cause denial of service. Below is a complete list of vulnerabilities 1. Improper URI restrictions can be exploited via a URI filesystem;...

7.5CVSS9.9AI score0.02854EPSS
Exploits0References3
Prion
Prion
added 2012/12/27 11:47 a.m.14 views

Spoofing

Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string...

6.4CVSS7.1AI score0.01876EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder