Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:29110
HistoryJan 22, 2021 - 9:31 p.m.

Sandbox Restrictions Bypass

2021-01-2221:31:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
27
chromium
sandbox
restriction bypass
arbitrary code execution
iframe

EPSS

0.002

Percentile

64.8%

chromium is vulnerable to arbitrary code execution. An inappropriate implementation flaw in the iframe sandbox component allows an attacker to bypass sandbox restrictions.

Affected configurations

Vulners
Node
-chromium\Matchsid83.0.4103.116-3.1
OR
-chromium\Matchbuster83.0.4103.116-1~deb10u3
OR
-chromium\Matchbullseye83.0.4103.116-3.1
VendorProductVersionCPE
-chromium\sidcpe:2.3:a:-:chromium\:sid:83.0.4103.116-3.1:*:*:*:*:*:*:*
-chromium\bustercpe:2.3:a:-:chromium\:buster:83.0.4103.116-1~deb10u3:*:*:*:*:*:*:*
-chromium\bullseyecpe:2.3:a:-:chromium\:bullseye:83.0.4103.116-3.1:*:*:*:*:*:*:*