A successful exploit can allow the attacker to cross a security boundary. When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. Insufficient policy enforcement in Downloads in Google Chrome prior to 1.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. Insufficient policy enforcement in Autofill in Google Chrome prior to 1.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Affected Docker Desktop versions: from 4.13.0 before 4.23.0. This issue has been fixed in Docker Desktop 4.23.0. The affected functionality is available for Docker Business customers only and assumes an environment where users are not granted local root or Administrator privileges. (Chromium security severity: Low)ĭocker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. Inappropriate implementation in Autofill in Google Chrome prior to 1.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. Inappropriate implementation in Fullscreen in Google Chrome prior to 1.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |