Google » Chrome : Security Vulnerabilities, CVEs, Published In 2017 (Gain Privilege) CVSS score >= 3
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.50%
Published
2017-01-19
Updated
2018-01-05
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.90%
Published
2017-01-19
Updated
2018-01-05
2 vulnerabilities found