CVE-2018-16081

🗓️ 09 Jan 2019 19:00:00Reported by ChromeType

Allowing the chrome.debugger API to run on file:// URLs in DevTool

Reporter	Title	Published	Views	Family All 47
BDU FSTEC	The vulnerability in the set of tools provided by Google Chrome’s DevTools allows a perpetrator to gain unauthorized access to local files.	3 Dec 201900:00	–	bdu_fstec
CNVD	Google Chrome DevTools Information Disclosure Vulnerability	7 Sep 201800:00	–	cnvd
Cvelist	CVE-2018-16081	9 Jan 201919:00	–	cvelist
Debian	[SECURITY] [DSA 4289-1] chromium-browser security update	8 Sep 201803:21	–	debian
Debian CVE	CVE-2018-16081	9 Jan 201919:00	–	debiancve
Tenable Nessus	Debian DSA-4289-1 : chromium-browser - security update	10 Sep 201800:00	–	nessus
Tenable Nessus	Fedora 28 : chromium (2018-13d8c35127)	3 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 29 : chromium (2018-39be36e9fc)	3 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 27 : chromium (2018-4a16e37c81)	24 Sep 201800:00	–	nessus
Tenable Nessus	GLSA-201811-10 : Chromium: Multiple vulnerabilities	26 Nov 201800:00	–	nessus

NVD

Vulners

Node

google chromeRange<69.0.3497.81

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_workstationMatch6.0

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "69.0.3497.81",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
chromereleases	www.chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html
securityfocus	www.securityfocus.com/bid/105215
access	www.access.redhat.com/errata/RHSA-2018:2666
security	www.security.gentoo.org/glsa/201811-10
crbug	www.crbug.com/666299

17 Jun 2026 01:43Current

7.3High risk

Vulners AI Score7.3

CVSS 24.3

CVSS 37.4

EPSS0.01064

CWE-862