CVE-2018-6071

🗓️ 14 Nov 2018 15:00:00Reported by ChromeType

An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page

Reporter	Title	Published	Views	Family All 56
FreeBSD	chromium -- vulnerability	3 May 201600:00	–	freebsd
CNVD	Google Chrome Skia Buffer Overflow Vulnerability (CNVD-2018-08956)	11 Apr 201800:00	–	cnvd
Cvelist	CVE-2018-6071	14 Nov 201815:00	–	cvelist
Debian	[SECURITY] [DSA 4182-1] chromium-browser security update	28 Apr 201805:30	–	debian
Debian	[SECURITY] [DSA 4182-1] chromium-browser security update	28 Apr 201805:30	–	debian
Debian CVE	CVE-2018-6071	14 Nov 201815:00	–	debiancve
Tenable Nessus	Debian DSA-4182-1 : chromium-browser - security update	30 Apr 201800:00	–	nessus
Tenable Nessus	Fedora 26 : qt5-qtwebengine (2018-024afa2d48)	27 Mar 201800:00	–	nessus
Tenable Nessus	Fedora 27 : qt5-qtwebengine (2018-44e1c23700)	27 Mar 201800:00	–	nessus
Tenable Nessus	Fedora 28 : chromium (2018-aafdbb5554)	3 Jan 201900:00	–	nessus

NVD

Vulners

Node

google chromeRange<65.0.3325.146

Node

redhat linux_desktopMatch6.0

redhat linux_serverMatch6.0

redhat linux_workstationMatch6.0

Node

debian debian_linuxMatch9.0

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "65.0.3325.146",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/103297
chromereleases	www.chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
crbug	www.crbug.com/777318
access	www.access.redhat.com/errata/RHSA-2018:0484
debian	www.debian.org/security/2018/dsa-4182

21 Nov 2024 04:10Current

8.1High risk

Vulners AI Score8.1

CVSS 26.8

CVSS 38.8

EPSS0.00655