CVE-2016-5145 (retired)

Priority
Description
Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that
a taint property is preserved after a structure-clone operation on an
ImageBitmap object derived from a cross-origin image, which allows remote
attackers to bypass the Same Origin Policy via crafted JavaScript code.
Package
Upstream:released (52.0.2743.116-1)
Ubuntu 16.04 LTS (Xenial Xerus):released (52.0.2743.116-0ubuntu0.16.04.1.1250)
Package
Upstream:released (1.16.6)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.17.7-0ubuntu0.16.04.1)
More Information

Updated: 2019-09-19 15:58:31 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)