vulnerability
SUSE: CVE-2016-5132: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jul 23, 2016 | Jul 26, 2016 | Feb 4, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jul 23, 2016
Added
Jul 26, 2016
Modified
Feb 4, 2022
Description
The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME element.
Solutions
suse-upgrade-chromedriversuse-upgrade-chromiumsuse-upgrade-chromium-desktop-gnomesuse-upgrade-chromium-desktop-kdesuse-upgrade-chromium-ffmpegsumo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.