VYPR

Webview

by Google

CVEs (2)

  • CVE-2016-6754HigNov 25, 2016
    risk 0.61cvss 8.8epss 0.05

    A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to execute arbitrary code when the user is navigating to a website. This issue is rated as High due to the possibility of…

  • CVE-2014-6041Sep 2, 2014
    risk 0.05cvss epss 0.18

    The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\u0000javascript: sequence to the Android Browser application 4.2.1 or a…