CVE-2016-8508 is a warning-bypass issue in Yandex Browser for desktop. On websites using a special content-type, the browser did not display Protect warnings, which could let a remote attacker hide an important safety warning on a malicious site. NVD rates the issue as medium severity and lists remediation in version 17.1.1.227 and later.
CVE-2016-8507 is a medium-severity issue in Yandex Browser for iOS where facetime:// URLs were not properly restricted. A crafted website could cause a FaceTime call to start without the user’s approval and expose video and audio data from the device. The issue was publicly disclosed on 2017-03-01 and is fixed in versions after 16.10.0.2357.
