N/A

Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it easier for man-in-the-middle attackers to spoof SSL servers and obtain sensitive information via a crafted certificate.

N/A

N/A

Intel Crosswalk 安全漏洞

Intel Crosswalk是美国英特尔（Intel）公司的一套Web引擎。 Intel Crosswalk中存在安全漏洞，该漏洞源于程序没有正确验证X.509证书。攻击者可借助特制的证书利用该漏洞实施中间人攻击，欺骗服务器，获取敏感信息。以下版本受到影响：Intel Crosswalk 19.49.514.5之前的版本，20.50.533.11之前的20.x版本，21.51.546.0之前的21.x版本，22.51.549.0之前的22.x版本。

N/A

N/A