CVE-2017-5046 Common Vulnerabilities and Exposures

Upstream information

CVE-2017-5046 at MITRE

Description

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

SUSE Bugzilla entries: 1028848 [RESOLVED / FIXED], 1028875 [RESOLVED / DUPLICATE]

SUSE Security Advisories:

openSUSE-SU-2017:0738-1, published Fri Dec 8 15:48:36 2023
openSUSE-SU-2017:0740-1, published Fri Dec 8 15:48:36 2023

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Package Hub 12 SP2	`chromedriver >= 57.0.2987.98-8.1` `chromium >= 57.0.2987.98-8.1`	Patchnames: openSUSE-2017-353
openSUSE Leap 15.0	`chromium >= 66.0.3359.170-lp150.1.1`	Patchnames: openSUSE Leap 15.0 GA chromium-66.0.3359.170-lp150.1.1
openSUSE Leap 15.2	`chromium >= 83.0.4103.97-lp152.1.1`	Patchnames: openSUSE Leap 15.2 GA chromium-83.0.4103.97-lp152.1.1
openSUSE Leap 15.3	`chromium >= 90.0.4430.212-bp153.1.1`	Patchnames: openSUSE Leap 15.3 GA chromium-90.0.4430.212-bp153.1.1
openSUSE Leap 15.4	`chromium >= 101.0.4951.64-bp154.1.2`	Patchnames: openSUSE Leap 15.4 GA chromium-101.0.4951.64-bp154.1.2

SUSE Timeline for this CVE

CVE page created: Fri Mar 10 10:30:16 2017
CVE page last modified: Mon Sep 9 13:24:17 2024