CVE-2016-5135 (retired)

Priority
Description
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in
Google Chrome before 52.0.2743.82, does not consider referrer-policy
information inside an HTML document during a preload request, which allows
remote attackers to bypass the Content Security Policy (CSP) protection
mechanism via a crafted web site, as demonstrated by a
"Content-Security-Policy: referrer origin-when-cross-origin" header that
overrides a "<META name='referrer' content='no-referrer'>" element.
Package
Upstream:released (52.0.2743.82)
Ubuntu 14.04 LTS (Trusty Tahr):released (52.0.2743.116-0ubuntu0.14.04.1.1134)
Ubuntu 16.04 LTS (Xenial Xerus):released (52.0.2743.116-0ubuntu0.16.04.1.1250)
Package
Upstream:released (1.16.5)
Ubuntu 14.04 LTS (Trusty Tahr):released (1.16.5-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.16.5-0ubuntu0.16.04.1)
More Information

Updated: 2019-03-26 12:21:53 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)