Total vulnerabilities in the database
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image from an unintended source.
| Software | From | Fixed in |
|---|---|---|
| opensuse / opensuse | 13.1 | 13.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| debian / debian_linux | 8.0 | 8.0.x |
| google / chrome | - | 43.0.2357.134.x |
| redhat / enterprise_linux_server_supplementary_eus | 6.7z | 6.7z.x |
| redhat / enterprise_linux_desktop_supplementary | 6.0 | 6.0.x |
| redhat / enterprise_linux_server_supplementary | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation_supplementary | 6.0 | 6.0.x |