![]() ![]() Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 1.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. ![]() Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. A successful exploit can allow the attacker to cross a security boundary. When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. Insufficient policy enforcement in Downloads in Google Chrome prior to 1.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. Insufficient policy enforcement in Autofill in Google Chrome prior to 1.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Affected Docker Desktop versions: from 4.13.0 before 4.23.0. This issue has been fixed in Docker Desktop 4.23.0. ![]() The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. (Chromium security severity: Low)ĭocker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. Inappropriate implementation in Autofill in Google Chrome prior to 1.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. Inappropriate implementation in Fullscreen in Google Chrome prior to 1.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |