攻防启示:Chromium组件风险剖析与收敛
Tags
attack-pattern: | Javascript - T1059.007 |
Common Information
Type | Value |
---|---|
UUID | eea75182-936f-4308-892b-9e452a6ee7a3 |
Fingerprint | 6c9ed8924717d5ba |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | July 15, 2021, midnight |
Added to db | Dec. 19, 2024, 5:30 p.m. |
Last updated | Dec. 23, 2024, 11:17 a.m. |
Headline | 攻防启示:Chromium组件风险剖析与收敛 |
Title | 攻防启示:Chromium组件风险剖析与收敛 |
Detected Hints/Tags/Attributes | 27/1/65 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://www.secrss.com/articles/32671 |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 14 | cve-2021-21220 |
|
Details | CVE | 10 | cve-2019-5782 |
|
Details | Domain | 2 | sites.cs.ucsb.edu |
|
Details | Domain | 43 | bugs.chromium.org |
|
Details | Domain | 120 | chromereleases.googleblog.com |
|
Details | Domain | 2 | chromium-review.googlesource.com |
|
Details | Domain | 9 | crbug.com |
|
Details | Domain | 1 | representation-change.cc |
|
Details | Domain | 1 | change.cc |
|
Details | Domain | 1 | download-chromium.appspot.com |
|
Details | Domain | 16 | chromium.googlesource.com |
|
Details | Domain | 4701 | github.com |
|
Details | Domain | 1 | sandboxing.md |
|
Details | Domain | 3 | seclab.stanford.edu |
|
Details | Domain | 485 | medium.com |
|
Details | Domain | 128 | docs.google.com |
|
Details | Domain | 22 | zhuanlan.zhihu.com |
|
Details | Domain | 8 | security.tencent.com |
|
Details | Domain | 6752 | 163.com |
|
Details | File | 2 | sites.cs |
|
Details | File | 1 | lxc-namespace.pdf |
|
Details | File | 1 | 其主要特性之一就是能在渲染进程中运行node.js |
|
Details | File | 1 | 大多数node.js |
|
Details | File | 1 | 表示renderer有权限访问node.js |
|
Details | File | 1 | regress-1195777.js |
|
Details | File | 1 | chrome.json |
|
Details | File | 1 | seccomp-chrome.json |
|
Details | File | 2 | chromium-security-architecture.pdf |
|
Details | File | 1311 | index.php |
|
Details | Github username | 2 | puppeteer |
|
Details | Github username | 3 | neargle |
|
Details | Github username | 1 | googlechrome |
|
Details | sha1 | 1 | 8d990c92df3d03ff3d313428f25dd11b7e509bcf |
|
Details | IPv4 | 4 | 4.1.3.1 |
|
Details | IPv4 | 2 | 4.1.3.2 |
|
Details | IPv4 | 1 | 4.1.3.3 |
|
Details | IPv4 | 676 | 0.0.0.0 |
|
Details | Url | 1 | https://sites.cs.ucsb.edu/~rich/class/cs293b-cloud/papers/lxc-namespace.pdf |
|
Details | Url | 1 | https://source.chromium.org/chromium/chromium/src/+/main:sandbox/policy/linux/bpf_audio_policy_linux.cc |
|
Details | Url | 1 | https://bugs.chromium.org/p/chromium/issues/list?can=1&q=security_severity=high |
|
Details | Url | 1 | https://chromereleases.googleblog.com/上发出 |
|
Details | Url | 1 | https://chromium-review.googlesource.com |
|
Details | Url | 1 | https://bugs.chromium.org对chromium的bug进行跟踪 |
|
Details | Url | 1 | https://crbug.com/1195777 |
|
Details | Url | 1 | https://chromium-review.googlesource.com/c/v8/v8 |
|
Details | Url | 1 | https://chromium-review.googlesource.com/c/v8/v8/+/2838235/4/test/mjsunit/compiler/regress-1195777.js |
|
Details | Url | 1 | https://chromium-review.googlesource.com/c/v8/v8/+/2838235/4/src/compiler/representation-change.cc |
|
Details | Url | 1 | https://download-chromium.appspot.com/中的最新版本进行更新 |
|
Details | Url | 1 | https://download-chromium.appspot.com/?platform=linux_x64&type=snapshots |
|
Details | Url | 1 | https://chromium.googlesource.com/chromium/src/+/master/docs/linux/sandboxing.md#sandbox |
|
Details | Url | 1 | https://chromium.googlesource.com/chromium/src/+/master/docs/linux/suid_sandbox_development.md |
|
Details | Url | 1 | https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md#alternative |
|
Details | Url | 1 | https://download-chromium.appspot.com |
|
Details | Url | 1 | https://github.com/neargle |
|
Details | Url | 1 | https://github.com/googlechrome/lighthouse-ci/blob/main/docs/recipes/docker-client/seccomp-chrome.json |
|
Details | Url | 1 | https://chromium.googlesource.com/chromium/src/+/head/docs/linux/sandboxing.md |
|
Details | Url | 2 | https://seclab.stanford.edu/websec/chromium/chromium-security-architecture.pdf |
|
Details | Url | 1 | https://medium.com/swlh/my-take-on-chrome-sandbox-escape-exploit-chain-dbf5a616eec5 |
|
Details | Url | 1 | https://chromium.googlesource.com/chromium/src/+/head/docs/linux/suid_sandbox.md |
|
Details | Url | 1 | https://docs.google.com/document/d/1aitsoucl0vhza9z2vbrjsyaisaz24kx8lfbyq5xqnug/edit |
|
Details | Url | 1 | https://zhuanlan.zhihu.com/p/279920830 |
|
Details | Url | 1 | https://docs.google.com/presentation/d/1xvzdaf29fgn19gcjdhhhlsecjafor49tpufwrbtqawu/htmlpresent |
|
Details | Url | 1 | https://docs.google.com/presentation/d/1h-1u9lmcghomviw0nye_sp_r49-bu42skvibn539-vg/edit#slide=id.gc6f73 |
|
Details | Url | 1 | https://security.tencent.com/index.php/announcement/msg/230 |
|
Details | Url | 2 | https://security.tencent.com/index.php/blog/msg/87 |