Redhat » Linux Desktop : Security Vulnerabilities, CVEs, (Information Leak)
A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.79%
Published
2018-12-04
Updated
2019-03-01
Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.79%
Published
2018-12-04
Updated
2019-03-01
Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction.
Max CVSS
6.5
EPSS Score
1.82%
Published
2018-11-14
Updated
2018-12-19
Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.66%
Published
2018-11-14
Updated
2018-12-19
4 vulnerabilities found