CVE-2017-5042 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-5042 Interim 1 20 2023-12-09T01:08:32Z current 2021-05-30T13:51:35Z 2023-12-09T01:08:32Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-5042 Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CGEJIAKNREDZSMA4I6FRAI6U2CLXZKIO/#CGEJIAKNREDZSMA4I6FRAI6U2CLXZKIO E-Mail link for openSUSE-SU-2017:0738-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2PWEOYPGN6NS2GPOOLH27ZPXQ7KSRFP4/#2PWEOYPGN6NS2GPOOLH27ZPXQ7KSRFP4 E-Mail link for openSUSE-SU-2017:0740-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 12 SP2 openSUSE Leap 15.0 openSUSE Leap 15.2 openSUSE Leap 15.3 openSUSE Leap 15.4 chromedriver-57.0.2987.98-8.1 chromium-101.0.4951.64-bp154.1.2 chromium-57.0.2987.98-8.1 chromium-66.0.3359.170-lp150.1.1 chromium-83.0.4103.97-lp152.1.1 chromium-90.0.4430.212-bp153.1.1 chromedriver-57.0.2987.98-8.1 as a component of SUSE Package Hub 12 SP2 chromium-57.0.2987.98-8.1 as a component of SUSE Package Hub 12 SP2 chromium-66.0.3359.170-lp150.1.1 as a component of openSUSE Leap 15.0 chromium-83.0.4103.97-lp152.1.1 as a component of openSUSE Leap 15.2 chromium-90.0.4430.212-bp153.1.1 as a component of openSUSE Leap 15.3 chromium-101.0.4951.64-bp154.1.2 as a component of openSUSE Leap 15.4 Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. CVE-2017-5042 SUSE Package Hub 12 SP2:chromedriver-57.0.2987.98-8.1 SUSE Package Hub 12 SP2:chromium-57.0.2987.98-8.1 openSUSE Leap 15.0:chromium-66.0.3359.170-lp150.1.1 openSUSE Leap 15.2:chromium-83.0.4103.97-lp152.1.1 openSUSE Leap 15.3:chromium-90.0.4430.212-bp153.1.1 openSUSE Leap 15.4:chromium-101.0.4951.64-bp154.1.2 moderate 3.3 AV:A/AC:L/Au:N/C:P/I:N/A:N 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N