vulnerability

CentOS Linux: CVE-2017-15423: Critical: chromium-browser security update (CESA-2017:3401)

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
2018-08-28
Added
2019-08-28
Modified
2023-05-25

Description

Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.

Solution(s)

centos-upgrade-chromium-browsercentos-upgrade-chromium-browser-debuginfo
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.