5

CVE-2011-3022

translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.

Data is provided by the National Vulnerability Database (NVD)
GoogleChrome Version < 17.0.963.56
GoogleChrome Version >= 19.0 < 19.0.1036.7
GoogleChrome Version19.0.1028.0
GoogleChrome Version19.0.1029.0
GoogleChrome Version19.0.1030.0
GoogleChrome Version19.0.1031.0
GoogleChrome Version19.0.1032.0
GoogleChrome Version19.0.1033.0
GoogleChrome Version19.0.1034.0
GoogleChrome Version19.0.1035.0
GoogleChrome Version19.0.1036.0
GoogleChrome Version19.0.1036.2
GoogleChrome Version19.0.1036.3
GoogleChrome Version19.0.1036.4
GoogleChrome Version19.0.1036.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.46% 0.613
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.