Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

4 matches found

CVE•added 2014/07/20 11:12 a.m.•71 views

CVE-2014-3160

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.

6.8CVSS5.9AI score0.00571EPSS

CVE•added 2014/07/20 11:12 a.m.•65 views

CVE-2014-3162

Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

5CVSS6.8AI score0.00436EPSS

CVE•added 2014/07/20 11:12 a.m.•31 views

CVE-2014-3161

The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayer_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly interact with redirects, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that hosts a video s...

7.5CVSS6.3AI score0.00246EPSS

CVE•added 2014/07/20 11:12 a.m.•30 views

CVE-2014-3159

The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified...

6.4CVSS6.4AI score0.00223EPSS