Google Chrome 11 does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.
Max CVSS
4.3
EPSS Score
0.25%
Published
2011-06-30
Updated
2017-09-19
The Cascading Style Sheets (CSS) implementation in Google Chrome before 12.0.742.91 does not properly restrict access to the visit history, which allows remote attackers to obtain sensitive information via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.53%
Published
2011-06-09
Updated
2020-05-22
2 vulnerabilities found