Security Severity Ratings: Difference between revisions

Jump to navigation Jump to search

Security Severity Ratings (view source)

Revision as of 19:43, 19 September 2017

213 bytes added ,  19 September 2017
Be clear that sec-critical includes full chains as well as sandbox bypasses
(Explicitly mention sandbox escapes)
(Be clear that sec-critical includes full chains as well as sandbox bypasses)
Line 8: Line 8:
The following items are keywords for the severity of an issue.
The following items are keywords for the severity of an issue.


;'''sec-critical''': Exploitable vulnerabilities which can lead to the widespread compromise of many users requiring no more than normal browsing actions..
;'''sec-critical''': Exploitable vulnerabilities which can lead to the widespread compromise of many users requiring no more than normal browsing actions. This includes both "full chains" with a content process remote code execution combined with a sandbox escape, as well as sandbox bypasses where remote code execution is achieved directly in an unsandboxed process.
{| class="wikitable collapsible " style="width: 100%"
{| class="wikitable collapsible " style="width: 100%"
! ''sec-critical Examples:''
! ''sec-critical Examples:''
Alex gaynor
20

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1180773"

Navigation menu