Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Chrome | * | 71.0.3578.80 (excluding) | |
Chromium-browser | Ubuntu | bionic | * |
Chromium-browser | Ubuntu | cosmic | * |
Chromium-browser | Ubuntu | devel | * |
Chromium-browser | Ubuntu | trusty | * |
Chromium-browser | Ubuntu | upstream | * |
Chromium-browser | Ubuntu | xenial | * |
Red Hat Enterprise Linux 6 Supplementary | RedHat | chromium-browser-0:71.0.3578.80-1.el6_10 | * |