CVE-2018-6070

Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...

UBUNTU-CVE-2018-6070

Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...

CVE-2018-6070

Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...

CVE-2018-6070

CVE-2018-6070 is a CSP bypass vulnerability in Google Chrome/Chromium where an attacker could lure a user to install a crafted extension to bypass Content Security Policy. Technical details across connected records confirm the flaw resides in how extensions interact with WebUI CSP enforcement, en...

chromium-browser: csp bypass through extensions

Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...

Security update for chromium (important)

This update to Chromium 59.0.3071.86 fixes the following security issues: - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetooth...

openSUSE Security Update : chromium (openSUSE-2017-661)

This update to Chromium 59.0.3071.86 fixes the following security issues : - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetoot...

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 59.0.3071.86. It is, therefore, affected by multiple vulnerabilities as referenced in the 201706stable-channel-update-for-desktop advisory. - A use after free in credit card autofill in Google Chrome prior to 59.0.3071....

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 59.0.3071.86. It is, therefore, affected by multiple vulnerabilities as referenced in the 201706stable-channel-update-for-desktop advisory. - A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86...

Google Chrome WebUI Page JavaScript Code Execution Vulnerability

Google Chrome is a web browser developed by Google, Inc.WebUI pages are a graphical user interface. A JavaScript code execution vulnerability exists in WebUI pages in versions of Google Chrome prior to 59.0.3071.86. An attacker can exploit this vulnerability to execute JavaScript code...

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

Binary data 700131.pasl...