Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.Referenceshttps://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.htmlhttps://crbug.com/1064676http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.htmlhttps://security.gentoo.org/glsa/202007-08https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG/http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.htmlhttp://packetstormsecurity.com/files/160353/Chromium-83-CSP-Bypass.htmlhttps://www.debian.org/security/2021/dsa-4824
