Insufficient validation of untrusted input in XML in Google Chrome prior to 1.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. Inappropriate implementation in Autofill in Google Chrome on Android prior to 1.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 1.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. A successful exploit can allow the attacker to cross a security boundary. When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. Insufficient policy enforcement in Downloads in Google Chrome prior to 1.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. Insufficient policy enforcement in Autofill in Google Chrome prior to 1.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Affected Docker Desktop versions: from 4.13.0 before 4.23.0. This issue has been fixed in Docker Desktop 4.23.0. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. (Chromium security severity: Low)ĭocker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. Inappropriate implementation in Autofill in Google Chrome prior to 1.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. Inappropriate implementation in Fullscreen in Google Chrome prior to 1.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |