Oval Definition:oval:org.opensuse.security:def:20161617
Revision Date:2022-06-30Version:1
Title:CVE-2016-1617
Description:

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easier for remote attackers to determine whether a specific HSTS web site has been visited by reading a CSP report.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-1617
Mitre CVE-2016-1617
SUSE CVE-2016-1617
openSUSE-SU-2016:0249-1
openSUSE-SU-2016:0250-1
openSUSE-SU-2016:0271-1
Platform(s):openSUSE 13.1
openSUSE 13.2
openSUSE Leap 15.0
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap 42.1
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE 13.1 is installed
  • AND Package Information
  • chromedriver-48.0.2564.82-122.1 is installed
  • OR chromium-48.0.2564.82-122.1 is installed
  • OR chromium-desktop-gnome-48.0.2564.82-122.1 is installed
  • OR chromium-desktop-kde-48.0.2564.82-122.1 is installed
  • OR chromium-ffmpegsumo-48.0.2564.82-122.1 is installed
    • Definition Synopsis
  • openSUSE 13.2 is installed
  • AND Package Information
  • chromedriver-48.0.2564.82-67.1 is installed
  • OR chromium-48.0.2564.82-67.1 is installed
  • OR chromium-desktop-gnome-48.0.2564.82-67.1 is installed
  • OR chromium-desktop-kde-48.0.2564.82-67.1 is installed
  • OR chromium-ffmpegsumo-48.0.2564.82-67.1 is installed
    • Definition Synopsis
  • openSUSE Leap 42.1 is installed
  • AND Package Information
  • chromedriver-48.0.2564.82-13.1 is installed
  • AND chromedriver is signed with openSUSE key
  • OR
  • chromium-48.0.2564.82-13.1 is installed
  • AND chromium is signed with openSUSE key
  • OR
  • chromium-desktop-gnome-48.0.2564.82-13.1 is installed
  • AND chromium-desktop-gnome is signed with openSUSE key
  • OR
  • chromium-desktop-kde-48.0.2564.82-13.1 is installed
  • AND chromium-desktop-kde is signed with openSUSE key
  • OR
  • chromium-ffmpegsumo-48.0.2564.82-13.1 is installed
  • AND chromium-ffmpegsumo is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • chromium-66.0.3359.170-lp150.1 is installed
  • AND chromium is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • chromedriver-55.0.2883.75-3.1 is installed
  • OR chromium-55.0.2883.75-3.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • chromium-90.0.4430.212-bp153.1.1 is installed
  • AND chromium is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • chromium-101.0.4951.64-bp154.1.2 is installed
  • AND chromium is signed with openSUSE key
    • BACK