Insufficient policy enforcement in Autofill in Google Chrome prior to 1.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Affected Docker Desktop versions: from 4.13.0 before 4.23.0. This issue has been fixed in Docker Desktop 4.23.0. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. (Chromium security severity: Low)ĭocker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. Inappropriate implementation in Autofill in Google Chrome prior to 1.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (this typically failed because the video was playing in the internal or an external video player).Inappropriate implementation in Fullscreen in Google Chrome prior to 1.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |