CVE-2018-6178

🗓️ 09 Jan 2019 19:00:00Reported by ChromeType

Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker to Hide Chrome Security UI via a crafted Chrome Extension

Reporter	Title	Published	Views	Family All 48
FreeBSD	chromium -- multiple vulnerabilities	24 Jul 201800:00	–	freebsd
CNVD	Google Chrome Extensions URL Spoofing Vulnerability	25 Jul 201800:00	–	cnvd
Cvelist	CVE-2018-6178	9 Jan 201919:00	–	cvelist
Debian	[SECURITY] [DSA 4256-1] chromium-browser security update	27 Jul 201805:15	–	debian
Debian	[SECURITY] [DSA 4256-1] chromium-browser security update	27 Jul 201805:15	–	debian
Debian CVE	CVE-2018-6178	9 Jan 201919:00	–	debiancve
Tenable Nessus	Debian DSA-4256-1 : chromium-browser - security update	27 Jul 201800:00	–	nessus
Tenable Nessus	Fedora 28 : chromium (2018-499f2dbc96)	3 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 27 : chromium (2018-4a16e37c81)	24 Sep 201800:00	–	nessus
Tenable Nessus	FreeBSD : chromium -- multiple vulnerabilities (b9c525d9-9198-11e8-beba-080027ef1a23)	30 Jul 201800:00	–	nessus

NVD

Vulners

Node

google chromeRange<68.0.3440.75

Node

debian debian_linuxMatch9.0

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_workstationMatch6.0

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "68.0.3440.75",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHSA-2018:2282
debian	www.debian.org/security/2018/dsa-4256
security	www.security.gentoo.org/glsa/201808-01
crbug	www.crbug.com/823194
chromereleases	www.chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html
securityfocus	www.securityfocus.com/bid/104887

21 Nov 2024 04:10Current

5.1Medium risk

Vulners AI Score5.1

CVSS 34.3

CVSS 24.3

EPSS0.00469

CWE-1021