CVE-2017-5107 log

Severity Low
Remote Yes
Type Information disclosure
An information leakage vulnerability has been found in the Chromium browser < 60.0.3112.78. By rendering a FeConvolveMatrix SVG filter over a target iframe and timing its execution an attacking page can extract pixel values from a cross-origin page being iframe'd. This also allows reading ones own origin for history sniffing.
Group Package Affected Fixed Severity Status Ticket
AVG-363 chromium 59.0.3071.115-1 60.0.3112.78-1 Critical Fixed
Date Advisory Group Package Severity Type
27 Jul 2017 ASA-201707-29 AVG-363 chromium Critical multiple issues