ID DEBIANCVE:CVE-2018-6088 Type debiancve Reporter Debian Security Bug Tracker Modified 2018-12-04T17:29:00
Description
An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
{"redhatcve": [{"lastseen": "2021-09-02T22:45:18", "description": "An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-18T09:19:47", "type": "redhatcve", "title": "CVE-2018-6088", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6088"], "modified": "2020-08-18T10:02:33", "id": "RH:CVE-2018-6088", "href": "https://access.redhat.com/security/cve/cve-2018-6088", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:34:07", "description": "An iterator-invalidation bug in PDFium in Google Chrome prior to\n66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a\nsandbox via a crafted PDF file.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-04T00:00:00", "type": "ubuntucve", "title": "CVE-2018-6088", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6088"], "modified": "2018-12-04T00:00:00", "id": "UB:CVE-2018-6088", "href": "https://ubuntu.com/security/CVE-2018-6088", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T18:03:37", "description": "An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-12-04T17:29:00", "type": "cve", "title": "CVE-2018-6088", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6088"], "modified": "2019-03-01T19:54:00", "cpe": ["cpe:/o:redhat:linux_workstation:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:redhat:linux_desktop:6.0", "cpe:/o:redhat:linux_server:6.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-6088", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6088", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:linux_server:6.0:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-08-19T12:31:14", "description": "The version of Google Chrome installed on the remote host is prior to 66.0.3359.117, and is affected by multiple vulnerabilities :\n\n - A flaw exists in the 'DevToolsDownloadManagerDelegate::OnDownloadPathGenerated()' function in 'devtools/protocol/devtools_download_manager_delegate.cc' that is triggered when handling downloads. This may allow a malicious extension to write to arbitrary files and bypass the dangerous file check.\n - A flaw exists in Oilpan during the handling of heap objects. This may allow an attacker to bypass the heap object integrity checks.\n - A flaw exists in the 'MultipartImageResourceParser::ParseHeaders()' function in 'core/loader/resource/MultipartImageResourceParser.cpp' that is triggered when handling multipart image responses. This may allow a context-dependent attacker to bypass cross-origin resource sharing (CORS) configurations.\n - An out-of-bounds read flaw exists in the 'Merge::Downsample()' function in 'modules/audio_coding/neteq/merge.cc' that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to disclose memory contents.\n - A flaw exists that is triggered when handling opaque responses for WebVTT in service workers. This may allow a context-dependent attacker to bypass the cross-origin resource sharing (CORS) configurations.\n - A flaw exists that is triggered as service workers do not handle media element requests properly. This may allow a context-dependent attacker to bypass the same origin policy.\n - A flaw exists that is triggered when handling plug-ins via service workers. This may allow a context-dependent attacker to bypass the same origin policy.\n - A use-after-free error exists that is triggered when handling paint layers during scroll updates. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - A use-after-free error exists in the 'DeviceMediaToMojoAdapter::Start()' function in 'services/video_capture/device_media_to_mojo_adapter.cc' that is triggered during a Mojo connection error. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code.\n - A flaw exists as the password saving and autofill setting labels are misleading in the application settings. This may result in passwords still being automatically filled although the user has disabled all related settings.\n - A flaw exists in the 'ImageLoader::DoUpdateFromElement()' function in 'core/loader/ImageLoader.cpp' that is triggered as the request context is not properly handled when an image is requested. This may allow a context-dependent attacker to bypass the same origin policy.\n - A flaw exists in Navigation that is triggered when handling pending item URLs. This may allow a context-dependent to spoof the URL.\n - A MIME type sniffing flaw exists that is triggered when handling files using the file protocol handler. This may allow a context-dependent attacker to cause the browser to interpret and render a file using a content type other than the intended content type.\n - A flaw exists that is triggered as FileAPI does not check the modification time of files selected in 'input' elements. This may allow a context-dependent attacker to gain access to potentially sensitive information in changes to the file, applied after selection.\n - A flaw exists as it does not restrict use of special characters with diacritic-like marks. With specially crafted IDN domains, a context-dependent attacker can spoof an omnibox address.\n - A flaw exists as it does not restrict use of special characters with diacritic-like marks (U+0454). With specially crafted IDN domains, a context-dependent attacker can spoof an omnibox address.\n - A flaw exists as it does not restrict use of special characters with diacritic-like marks. With specially crafted IDN domains, a context-dependent attacker can spoof an omnibox address.\n - A flaw exists as it does not restrict use of special characters with diacritic-like marks.", "cvss3": {"score": null, "vector": null}, "published": "2018-08-23T00:00:00", "type": "nessus", "title": "Google Chrome < 66.0.3359.117 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117", "CVE-2018-6152"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "700356.PASL", "href": "https://www.tenable.com/plugins/nnm/700356", "sourceData": "Binary data 700356.pasl", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:38:42", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 66.0.3359.117.\n\nSecurity Fix(es) :\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6085)\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6086)\n\n* chromium-browser: Use after free in WebAssembly (CVE-2018-6087)\n\n* chromium-browser: Use after free in PDFium (CVE-2018-6088)\n\n* chromium-browser: Same origin policy bypass in Service Worker (CVE-2018-6089)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2018-6090)\n\n* chromium-browser: Incorrect handling of plug-ins by Service Worker (CVE-2018-6091)\n\n* chromium-browser: Integer overflow in WebAssembly (CVE-2018-6092)\n\n* chromium-browser: Same origin bypass in Service Worker (CVE-2018-6093)\n\n* chromium-browser: Exploit hardening regression in Oilpan (CVE-2018-6094)\n\n* chromium-browser: Lack of meaningful user interaction requirement before file upload (CVE-2018-6095)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6096)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6097)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6098)\n\n* chromium-browser: CORS bypass in ServiceWorker (CVE-2018-6099)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6100)\n\n* chromium-browser: Insufficient protection of remote debugging prototol in DevTools (CVE-2018-6101)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6102)\n\n* chromium-browser: UI spoof in Permissions (CVE-2018-6103)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6104)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6105)\n\n* chromium-browser: Incorrect handling of promises in V8 (CVE-2018-6106)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6107)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6108)\n\n* chromium-browser: Incorrect handling of files by FileAPI (CVE-2018-6109)\n\n* chromium-browser: Incorrect handling of plaintext files via file:// (CVE-2018-6110)\n\n* chromium-browser: Heap-use-after-free in DevTools (CVE-2018-6111)\n\n* chromium-browser: Incorrect URL handling in DevTools (CVE-2018-6112)\n\n* chromium-browser: URL spoof in Navigation (CVE-2018-6113)\n\n* chromium-browser: CSP bypass (CVE-2018-6114)\n\n* chromium-browser: Incorrect low memory handling in WebAssembly (CVE-2018-6116)\n\n* chromium-browser: Confusing autofill settings (CVE-2018-6117)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-04-24T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2018:1195)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2022-01-28T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser", "p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2018-1195.NASL", "href": "https://www.tenable.com/plugins/nessus/109299", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1195. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109299);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/28\");\n\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\", \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\", \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6116\", \"CVE-2018-6117\");\n script_xref(name:\"RHSA\", value:\"2018:1195\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2018:1195)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 66.0.3359.117.\n\nSecurity Fix(es) :\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6085)\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6086)\n\n* chromium-browser: Use after free in WebAssembly (CVE-2018-6087)\n\n* chromium-browser: Use after free in PDFium (CVE-2018-6088)\n\n* chromium-browser: Same origin policy bypass in Service Worker\n(CVE-2018-6089)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2018-6090)\n\n* chromium-browser: Incorrect handling of plug-ins by Service Worker\n(CVE-2018-6091)\n\n* chromium-browser: Integer overflow in WebAssembly (CVE-2018-6092)\n\n* chromium-browser: Same origin bypass in Service Worker\n(CVE-2018-6093)\n\n* chromium-browser: Exploit hardening regression in Oilpan\n(CVE-2018-6094)\n\n* chromium-browser: Lack of meaningful user interaction requirement\nbefore file upload (CVE-2018-6095)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6096)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6097)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6098)\n\n* chromium-browser: CORS bypass in ServiceWorker (CVE-2018-6099)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6100)\n\n* chromium-browser: Insufficient protection of remote debugging\nprototol in DevTools (CVE-2018-6101)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6102)\n\n* chromium-browser: UI spoof in Permissions (CVE-2018-6103)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6104)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6105)\n\n* chromium-browser: Incorrect handling of promises in V8\n(CVE-2018-6106)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6107)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6108)\n\n* chromium-browser: Incorrect handling of files by FileAPI\n(CVE-2018-6109)\n\n* chromium-browser: Incorrect handling of plaintext files via file://\n(CVE-2018-6110)\n\n* chromium-browser: Heap-use-after-free in DevTools (CVE-2018-6111)\n\n* chromium-browser: Incorrect URL handling in DevTools (CVE-2018-6112)\n\n* chromium-browser: URL spoof in Navigation (CVE-2018-6113)\n\n* chromium-browser: CSP bypass (CVE-2018-6114)\n\n* chromium-browser: Incorrect low memory handling in WebAssembly\n(CVE-2018-6116)\n\n* chromium-browser: Confusing autofill settings (CVE-2018-6117)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:1195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6085\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6091\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6117\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:1195\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-66.0.3359.117-1.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-66.0.3359.117-1.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-66.0.3359.117-1.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-66.0.3359.117-1.el6_9\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T16:40:51", "description": "The version of Google Chrome installed on the remote Windows host is prior to 66.0.3359.117. It is, therefore, affected by a multiple unspecified vulnerabilities as noted in Chrome stable channel update release notes for April 17th, 2018. Please refer to the release notes for additional information.\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-27T00:00:00", "type": "nessus", "title": "Google Chrome < 66.0.3359.117 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6084", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_66_0_3359_117.NASL", "href": "https://www.tenable.com/plugins/nessus/109395", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109395);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-6084\",\n \"CVE-2018-6085\",\n \"CVE-2018-6086\",\n \"CVE-2018-6087\",\n \"CVE-2018-6088\",\n \"CVE-2018-6089\",\n \"CVE-2018-6090\",\n \"CVE-2018-6091\",\n \"CVE-2018-6092\",\n \"CVE-2018-6093\",\n \"CVE-2018-6094\",\n \"CVE-2018-6095\",\n \"CVE-2018-6096\",\n \"CVE-2018-6097\",\n \"CVE-2018-6098\",\n \"CVE-2018-6099\",\n \"CVE-2018-6100\",\n \"CVE-2018-6101\",\n \"CVE-2018-6102\",\n \"CVE-2018-6103\",\n \"CVE-2018-6104\",\n \"CVE-2018-6105\",\n \"CVE-2018-6106\",\n \"CVE-2018-6107\",\n \"CVE-2018-6108\",\n \"CVE-2018-6109\",\n \"CVE-2018-6110\",\n \"CVE-2018-6111\",\n \"CVE-2018-6112\",\n \"CVE-2018-6113\",\n \"CVE-2018-6114\",\n \"CVE-2018-6115\",\n \"CVE-2018-6116\",\n \"CVE-2018-6117\"\n );\n script_bugtraq_id(103917);\n\n script_name(english:\"Google Chrome < 66.0.3359.117 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 66.0.3359.117. It is, therefore, affected by a multiple\nunspecified vulnerabilities as noted in Chrome stable channel update\nrelease notes for April 17th, 2018. Please refer to the release notes\nfor additional information.\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n # https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?db76b488\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 66.0.3359.117 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-6084\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'66.0.3359.117', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T13:18:26", "description": "The version of Google Chrome installed on the remote host is prior to 66.0.3359.117. It is, therefore, affected by multiple unspecified vulnerabilities as noted in Chrome stable channel update release notes for April 17th, 2018. Please refer to the release notes for additional information.\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-27T00:00:00", "type": "nessus", "title": "Google Chrome < 66.0.3359.117 Multiple Vulnerabilities (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6084", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_66_0_3359_117.NASL", "href": "https://www.tenable.com/plugins/nessus/109396", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109396);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/08\");\n\n script_cve_id(\n \"CVE-2018-6084\",\n \"CVE-2018-6085\",\n \"CVE-2018-6086\",\n \"CVE-2018-6087\",\n \"CVE-2018-6088\",\n \"CVE-2018-6089\",\n \"CVE-2018-6090\",\n \"CVE-2018-6091\",\n \"CVE-2018-6092\",\n \"CVE-2018-6093\",\n \"CVE-2018-6094\",\n \"CVE-2018-6095\",\n \"CVE-2018-6096\",\n \"CVE-2018-6097\",\n \"CVE-2018-6098\",\n \"CVE-2018-6099\",\n \"CVE-2018-6100\",\n \"CVE-2018-6101\",\n \"CVE-2018-6102\",\n \"CVE-2018-6103\",\n \"CVE-2018-6104\",\n \"CVE-2018-6105\",\n \"CVE-2018-6106\",\n \"CVE-2018-6107\",\n \"CVE-2018-6108\",\n \"CVE-2018-6109\",\n \"CVE-2018-6110\",\n \"CVE-2018-6111\",\n \"CVE-2018-6112\",\n \"CVE-2018-6113\",\n \"CVE-2018-6114\",\n \"CVE-2018-6115\",\n \"CVE-2018-6116\",\n \"CVE-2018-6117\"\n );\n script_bugtraq_id(103917);\n\n script_name(english:\"Google Chrome < 66.0.3359.117 Multiple Vulnerabilities (macOS)\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote host is prior\nto 66.0.3359.117. It is, therefore, affected by multiple unspecified\nvulnerabilities as noted in Chrome stable channel update release notes\nfor April 17th, 2018. Please refer to the release notes for additional\ninformation.\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n # https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?db76b488\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 66.0.3359.117 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-6084\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'66.0.3359.117', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T13:20:44", "description": "The remote host is affected by the vulnerability described in GLSA-201804-22 (Chromium, Google Chrome: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrome Releases for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, bypass content security controls, or conduct URL spoofing.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-04-24T00:00:00", "type": "nessus", "title": "GLSA-201804-22 : Chromium, Google Chrome: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2019-04-05T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "p-cpe:/a:gentoo:linux:google-chrome", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201804-22.NASL", "href": "https://www.tenable.com/plugins/nessus/109290", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201804-22.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109290);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/04/05 23:25:06\");\n\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\", \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\", \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\", \"CVE-2018-6117\");\n script_xref(name:\"GLSA\", value:\"201804-22\");\n\n script_name(english:\"GLSA-201804-22 : Chromium, Google Chrome: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201804-22\n(Chromium, Google Chrome: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google\n Chrome. Please review the referenced CVE identifiers and Google Chrome\n Releases for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process, cause a Denial of Service condition, bypass\n content security controls, or conduct URL spoofing.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db76b488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201804-22\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-66.0.3359.117'\n All Google Chrome users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/google-chrome-66.0.3359.117'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:google-chrome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 66.0.3359.117\"), vulnerable:make_list(\"lt 66.0.3359.117\"))) flag++;\nif (qpkg_check(package:\"www-client/google-chrome\", unaffected:make_list(\"ge 66.0.3359.117\"), vulnerable:make_list(\"lt 66.0.3359.117\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / Google Chrome\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:45", "description": "This update for Chromium to version 66.0.3359.117 fixes the following issues :\n\nSecurity issues fixed (boo#1090000) :\n\n - CVE-2018-6085: Use after free in Disk Cache\n\n - CVE-2018-6086: Use after free in Disk Cache\n\n - CVE-2018-6087: Use after free in WebAssembly\n\n - CVE-2018-6088: Use after free in PDFium\n\n - CVE-2018-6089: Same origin policy bypass in Service Worker\n\n - CVE-2018-6090: Heap buffer overflow in Skia\n\n - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker\n\n - CVE-2018-6092: Integer overflow in WebAssembly\n\n - CVE-2018-6093: Same origin bypass in Service Worker\n\n - CVE-2018-6094: Exploit hardening regression in Oilpan\n\n - CVE-2018-6095: Lack of meaningful user interaction requirement before file upload\n\n - CVE-2018-6096: Fullscreen UI spoof\n\n - CVE-2018-6097: Fullscreen UI spoof\n\n - CVE-2018-6098: URL spoof in Omnibox\n\n - CVE-2018-6099: CORS bypass in ServiceWorker\n\n - CVE-2018-6100: URL spoof in Omnibox\n\n - CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools \n\n - CVE-2018-6102: URL spoof in Omnibox\n\n - CVE-2018-6103: UI spoof in Permissions\n\n - CVE-2018-6104: URL spoof in Omnibox\n\n - CVE-2018-6105: URL spoof in Omnibox\n\n - CVE-2018-6106: Incorrect handling of promises in V8\n\n - CVE-2018-6107: URL spoof in Omnibox\n\n - CVE-2018-6108: URL spoof in Omnibox\n\n - CVE-2018-6109: Incorrect handling of files by FileAPI\n\n - CVE-2018-6110: Incorrect handling of plaintext files via file:// \n\n - CVE-2018-6111: Heap-use-after-free in DevTools\n\n - CVE-2018-6112: Incorrect URL handling in DevTools\n\n - CVE-2018-6113: URL spoof in Navigation\n\n - CVE-2018-6114: CSP bypass\n\n - CVE-2018-6115: SmartScreen bypass in downloads\n\n - CVE-2018-6116: Incorrect low memory handling in WebAssembly\n\n - CVE-2018-6117: Confusing autofill settings\n\n - Various fixes from internal audits, fuzzing and other initiatives This update also supports mitigation against the Spectre vulnerabilities: 'Strict site isolation' is disabled for most users and can be turned on via:\n chrome://flags/#enable-site-per-process This feature is undergoing a small percentage trial. Out out of the trial is possible via:\n chrome://flags/#site-isolation-trial-opt-out\n\nThe following other changes are included :\n\n - distrust certificates issued by Symantec before 2016-06-01\n\n - add option to export saved passwords\n\n - Reduce videos that auto-play with sound\n\n - boo#1086199: Fix UI freezing when loading/scaling down large images\n\nThis update also contains a number of upstream bug fixes and improvements.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-2018-381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-381.NASL", "href": "https://www.tenable.com/plugins/nessus/109236", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-381.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109236);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\", \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\", \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\", \"CVE-2018-6117\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2018-381)\");\n script_summary(english:\"Check for the openSUSE-2018-381 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for Chromium to version 66.0.3359.117 fixes the following\nissues :\n\nSecurity issues fixed (boo#1090000) :\n\n - CVE-2018-6085: Use after free in Disk Cache\n\n - CVE-2018-6086: Use after free in Disk Cache\n\n - CVE-2018-6087: Use after free in WebAssembly\n\n - CVE-2018-6088: Use after free in PDFium\n\n - CVE-2018-6089: Same origin policy bypass in Service\n Worker\n\n - CVE-2018-6090: Heap buffer overflow in Skia\n\n - CVE-2018-6091: Incorrect handling of plug-ins by Service\n Worker\n\n - CVE-2018-6092: Integer overflow in WebAssembly\n\n - CVE-2018-6093: Same origin bypass in Service Worker\n\n - CVE-2018-6094: Exploit hardening regression in Oilpan\n\n - CVE-2018-6095: Lack of meaningful user interaction\n requirement before file upload\n\n - CVE-2018-6096: Fullscreen UI spoof\n\n - CVE-2018-6097: Fullscreen UI spoof\n\n - CVE-2018-6098: URL spoof in Omnibox\n\n - CVE-2018-6099: CORS bypass in ServiceWorker\n\n - CVE-2018-6100: URL spoof in Omnibox\n\n - CVE-2018-6101: Insufficient protection of remote\n debugging prototol in DevTools \n\n - CVE-2018-6102: URL spoof in Omnibox\n\n - CVE-2018-6103: UI spoof in Permissions\n\n - CVE-2018-6104: URL spoof in Omnibox\n\n - CVE-2018-6105: URL spoof in Omnibox\n\n - CVE-2018-6106: Incorrect handling of promises in V8\n\n - CVE-2018-6107: URL spoof in Omnibox\n\n - CVE-2018-6108: URL spoof in Omnibox\n\n - CVE-2018-6109: Incorrect handling of files by FileAPI\n\n - CVE-2018-6110: Incorrect handling of plaintext files via\n file:// \n\n - CVE-2018-6111: Heap-use-after-free in DevTools\n\n - CVE-2018-6112: Incorrect URL handling in DevTools\n\n - CVE-2018-6113: URL spoof in Navigation\n\n - CVE-2018-6114: CSP bypass\n\n - CVE-2018-6115: SmartScreen bypass in downloads\n\n - CVE-2018-6116: Incorrect low memory handling in\n WebAssembly\n\n - CVE-2018-6117: Confusing autofill settings\n\n - Various fixes from internal audits, fuzzing and other\n initiatives This update also supports mitigation against\n the Spectre vulnerabilities: 'Strict site isolation' is\n disabled for most users and can be turned on via:\n chrome://flags/#enable-site-per-process This feature is\n undergoing a small percentage trial. Out out of the\n trial is possible via:\n chrome://flags/#site-isolation-trial-opt-out\n\nThe following other changes are included :\n\n - distrust certificates issued by Symantec before\n 2016-06-01\n\n - add option to export saved passwords\n\n - Reduce videos that auto-play with sound\n\n - boo#1086199: Fix UI freezing when loading/scaling down\n large images\n\nThis update also contains a number of upstream bug fixes and\nimprovements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1090000\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-66.0.3359.117-152.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-debuginfo-66.0.3359.117-152.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-66.0.3359.117-152.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debuginfo-66.0.3359.117-152.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debugsource-66.0.3359.117-152.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T00:54:47", "description": "Google Chrome Releases reports :\n\n62 security fixes in this release :\n\n- [826626] Critical CVE-2018-6085: Use after free in Disk Cache.\nReported by Ned Williamson on 2018-03-28\n\n- [827492] Critical CVE-2018-6086: Use after free in Disk Cache.\nReported by Ned Williamson on 2018-03-30\n\n- [813876] High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20\n\n- [822091] High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15\n\n- [808838] High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04\n\n- [820913] High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12\n\n- [771933] High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05\n\n- [819869] High CVE-2018-6092: Integer overflow in WebAssembly.\nReported by Natalie Silvanovich of Google Project Zero on 2018-03-08\n\n- [780435] Medium CVE-2018-6093: Same origin bypass in Service Worker.\nReported by Jun Kokatsu (@shhnjk) on 2017-11-01\n\n- [633030] Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01\n\n- [637098] Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11\n\n- [776418] Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19\n\n- [806162] Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26\n\n- [798892] Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03\n\n- [808825] Medium CVE-2018-6099: CORS bypass in ServiceWorker.\nReported by Jun Kokatsu (@shhnjk) on 2018-02-03\n\n- [811117] Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11\n\n- [813540] Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19\n\n- [813814] Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20\n\n- [816033] Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24\n\n- [820068] Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08\n\n- [803571] Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18\n\n- [805729] Medium CVE-2018-6106: Incorrect handling of promises in V8.\nReported by lokihardt of Google Project Zero on 2018-01-25\n\n- [808316] Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02\n\n- [816769] Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27\n\n- [710190] Low CVE-2018-6109: Incorrect handling of files by FileAPI.\nReported by Dominik Weber (@DoWeb_) on 2017-04-10\n\n- [777737] Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24\n\n- [780694] Low CVE-2018-6111: Heap-use-after-free in DevTools.\nReported by Khalil Zhani on 2017-11-02\n\n- [798096] Low CVE-2018-6112: Incorrect URL handling in DevTools.\nReported by Rob Wu on 2017-12-29\n\n- [805900] Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25\n\n- [811691] Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13\n\n- [819809] Low CVE-2018-6115: SmartScreen bypass in downloads.\nReported by James Feher on 2018-03-07\n\n- [822266] Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15\n\n- [822465] Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15\n\n- [822424] Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-04-25T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- vulnerability (36ff7a74-47b1-11e8-a7d6-54e1ad544088)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6084", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2019-07-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_36FF7A7447B111E8A7D654E1AD544088.NASL", "href": "https://www.tenable.com/plugins/nessus/109330", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109330);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/07/10 16:04:13\");\n\n script_cve_id(\"CVE-2018-6084\", \"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\", \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\", \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\", \"CVE-2018-6117\");\n\n script_name(english:\"FreeBSD : chromium -- vulnerability (36ff7a74-47b1-11e8-a7d6-54e1ad544088)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n62 security fixes in this release :\n\n- [826626] Critical CVE-2018-6085: Use after free in Disk Cache.\nReported by Ned Williamson on 2018-03-28\n\n- [827492] Critical CVE-2018-6086: Use after free in Disk Cache.\nReported by Ned Williamson on 2018-03-30\n\n- [813876] High CVE-2018-6087: Use after free in WebAssembly. Reported\nby Anonymous on 2018-02-20\n\n- [822091] High CVE-2018-6088: Use after free in PDFium. Reported by\nAnonymous on 2018-03-15\n\n- [808838] High CVE-2018-6089: Same origin policy bypass in Service\nWorker. Reported by Rob Wu on 2018-02-04\n\n- [820913] High CVE-2018-6090: Heap buffer overflow in Skia. Reported\nby ZhanJia Song on 2018-03-12\n\n- [771933] High CVE-2018-6091: Incorrect handling of plug-ins by\nService Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05\n\n- [819869] High CVE-2018-6092: Integer overflow in WebAssembly.\nReported by Natalie Silvanovich of Google Project Zero on 2018-03-08\n\n- [780435] Medium CVE-2018-6093: Same origin bypass in Service Worker.\nReported by Jun Kokatsu (@shhnjk) on 2017-11-01\n\n- [633030] Medium CVE-2018-6094: Exploit hardening regression in\nOilpan. Reported by Chris Rohlf on 2016-08-01\n\n- [637098] Medium CVE-2018-6095: Lack of meaningful user interaction\nrequirement before file upload. Reported by Abdulrahman Alqabandi\n(@qab) on 2016-08-11\n\n- [776418] Medium CVE-2018-6096: Fullscreen UI spoof. Reported by\nWenXu Wu of Tencent's Xuanwu Lab on 2017-10-19\n\n- [806162] Medium CVE-2018-6097: Fullscreen UI spoof. Reported by\nxisigr of Tencent's Xuanwu Lab on 2018-01-26\n\n- [798892] Medium CVE-2018-6098: URL spoof in Omnibox. Reported by\nKhalil Zhani on 2018-01-03\n\n- [808825] Medium CVE-2018-6099: CORS bypass in ServiceWorker.\nReported by Jun Kokatsu (@shhnjk) on 2018-02-03\n\n- [811117] Medium CVE-2018-6100: URL spoof in Omnibox. Reported by\nLnyas Zhang on 2018-02-11\n\n- [813540] Medium CVE-2018-6101: Insufficient protection of remote\ndebugging prototol in DevTools . Reported by Rob Wu on 2018-02-19\n\n- [813814] Medium CVE-2018-6102: URL spoof in Omnibox. Reported by\nKhalil Zhani on 2018-02-20\n\n- [816033] Medium CVE-2018-6103: UI spoof in Permissions. Reported by\nKhalil Zhani on 2018-02-24\n\n- [820068] Medium CVE-2018-6104: URL spoof in Omnibox. Reported by\nKhalil Zhani on 2018-03-08\n\n- [803571] Medium CVE-2018-6105: URL spoof in Omnibox. Reported by\nKhalil Zhani on 2018-01-18\n\n- [805729] Medium CVE-2018-6106: Incorrect handling of promises in V8.\nReported by lokihardt of Google Project Zero on 2018-01-25\n\n- [808316] Medium CVE-2018-6107: URL spoof in Omnibox. Reported by\nKhalil Zhani on 2018-02-02\n\n- [816769] Medium CVE-2018-6108: URL spoof in Omnibox. Reported by\nKhalil Zhani on 2018-02-27\n\n- [710190] Low CVE-2018-6109: Incorrect handling of files by FileAPI.\nReported by Dominik Weber (@DoWeb_) on 2017-04-10\n\n- [777737] Low CVE-2018-6110: Incorrect handling of plaintext files\nvia file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24\n\n- [780694] Low CVE-2018-6111: Heap-use-after-free in DevTools.\nReported by Khalil Zhani on 2017-11-02\n\n- [798096] Low CVE-2018-6112: Incorrect URL handling in DevTools.\nReported by Rob Wu on 2017-12-29\n\n- [805900] Low CVE-2018-6113: URL spoof in Navigation. Reported by\nKhalil Zhani on 2018-01-25\n\n- [811691] Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on\n2018-02-13\n\n- [819809] Low CVE-2018-6115: SmartScreen bypass in downloads.\nReported by James Feher on 2018-03-07\n\n- [822266] Low CVE-2018-6116: Incorrect low memory handling in\nWebAssembly. Reported by Jin from Chengdu Security Response Center of\nQihoo 360 Technology Co. Ltd. on 2018-03-15\n\n- [822465] Low CVE-2018-6117: Confusing autofill settings. Reported by\nSpencer Dailey on 2018-03-15\n\n- [822424] Low CVE-2018-6084: Incorrect use of Distributed Objects in\nGoogle Software Updater on MacOS. Reported by Ian Beer of Google\nProject Zero on 2018-03-15\"\n );\n # https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db76b488\"\n );\n # https://vuxml.freebsd.org/freebsd/36ff7a74-47b1-11e8-a7d6-54e1ad544088.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?288bbd0c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<66.0.3359.117\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T15:43:23", "description": "Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102 CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106 CVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110 CVE-2018-6111 CVE-2018-6112 CVE-2018-6113 CVE-2018-6114 CVE-2018-6116 CVE-2018-6117 CVE-2018-6118 CVE-2018-6121 CVE-2018-6122 CVE-2018-6120\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-06-06T00:00:00", "type": "nessus", "title": "Fedora 27 : chromium (2018-812b5d5a71)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6120", "CVE-2018-6121", "CVE-2018-6122"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-812B5D5A71.NASL", "href": "https://www.tenable.com/plugins/nessus/110327", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-812b5d5a71.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110327);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\", \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\", \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\", \"CVE-2018-6117\", \"CVE-2018-6118\", \"CVE-2018-6120\", \"CVE-2018-6121\", \"CVE-2018-6122\");\n script_xref(name:\"FEDORA\", value:\"2018-812b5d5a71\");\n\n script_name(english:\"Fedora 27 : chromium (2018-812b5d5a71)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086\nCVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091\nCVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096\nCVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101\nCVE-2018-6102 CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106\nCVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110 CVE-2018-6111\nCVE-2018-6112 CVE-2018-6113 CVE-2018-6114 CVE-2018-6116 CVE-2018-6117\nCVE-2018-6118 CVE-2018-6121 CVE-2018-6122 CVE-2018-6120\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-812b5d5a71\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"chromium-66.0.3359.181-2.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:16:00", "description": "Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102 CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106 CVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110 CVE-2018-6111 CVE-2018-6112 CVE-2018-6113 CVE-2018-6114 CVE-2018-6116 CVE-2018-6117 CVE-2018-6118 CVE-2018-6121 CVE-2018-6122 CVE-2018-6120\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : chromium (2018-94e1bc8c23)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6120", "CVE-2018-6121", "CVE-2018-6122"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-94E1BC8C23.NASL", "href": "https://www.tenable.com/plugins/nessus/120630", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-94e1bc8c23.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120630);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\", \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\", \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\", \"CVE-2018-6117\", \"CVE-2018-6118\", \"CVE-2018-6120\", \"CVE-2018-6121\", \"CVE-2018-6122\");\n script_xref(name:\"FEDORA\", value:\"2018-94e1bc8c23\");\n\n script_name(english:\"Fedora 28 : chromium (2018-94e1bc8c23)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086\nCVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091\nCVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096\nCVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101\nCVE-2018-6102 CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106\nCVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110 CVE-2018-6111\nCVE-2018-6112 CVE-2018-6113 CVE-2018-6114 CVE-2018-6116 CVE-2018-6117\nCVE-2018-6118 CVE-2018-6121 CVE-2018-6122 CVE-2018-6120\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-94e1bc8c23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"chromium-66.0.3359.181-2.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-08T14:56:44", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2018-6056 lokihardt discovered an error in the v8 JavaScript library.\n\n - CVE-2018-6057 Gal Beniamini discovered errors related to shared memory permissions.\n\n - CVE-2018-6060 Omair discovered a use-after-free issue in blink/webkit.\n\n - CVE-2018-6061 Guang Gong discovered a race condition in the v8 JavaScript library.\n\n - CVE-2018-6062 A heap overflow issue was discovered in the v8 JavaScript library.\n\n - CVE-2018-6063 Gal Beniamini discovered errors related to shared memory permissions.\n\n - CVE-2018-6064 lokihardt discovered a type confusion error in the v8 JavaScript library.\n\n - CVE-2018-6065 Mark Brand discovered an integer overflow issue in the v8 JavaScript library.\n\n - CVE-2018-6066 Masato Kinugawa discovered a way to bypass the Same Origin Policy.\n\n - CVE-2018-6067 Ned Williamson discovered a buffer overflow issue in the skia library.\n\n - CVE-2018-6068 Luan Herrera discovered object lifecycle issues.\n\n - CVE-2018-6069 Wanglu and Yangkang discovered a stack overflow issue in the skia library.\n\n - CVE-2018-6070 Rob Wu discovered a way to bypass the Content Security Policy.\n\n - CVE-2018-6071 A heap overflow issue was discovered in the skia library.\n\n - CVE-2018-6072 Atte Kettunen discovered an integer overflow issue in the pdfium library.\n\n - CVE-2018-6073 Omair discover a heap overflow issue in the WebGL implementation.\n\n - CVE-2018-6074 Abdulrahman Alqabandi discovered a way to cause a downloaded web page to not contain a Mark of the Web.\n\n - CVE-2018-6075 Inti De Ceukelaire discovered a way to bypass the Same Origin Policy.\n\n - CVE-2018-6076 Mateusz Krzeszowiec discovered that URL fragment identifiers could be handled incorrectly.\n\n - CVE-2018-6077 Khalil Zhani discovered a timing issue.\n\n - CVE-2018-6078 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6079 Ivars discovered an information disclosure issue.\n\n - CVE-2018-6080 Gal Beniamini discovered an information disclosure issue.\n\n - CVE-2018-6081 Rob Wu discovered a cross-site scripting issue.\n\n - CVE-2018-6082 WenXu Wu discovered a way to bypass blocked ports.\n\n - CVE-2018-6083 Jun Kokatsu discovered that AppManifests could be handled incorrectly.\n\n - CVE-2018-6085 Ned Williamson discovered a use-after-free issue.\n\n - CVE-2018-6086 Ned Williamson discovered a use-after-free issue.\n\n - CVE-2018-6087 A use-after-free issue was discovered in the WebAssembly implementation.\n\n - CVE-2018-6088 A use-after-free issue was discovered in the pdfium library.\n\n - CVE-2018-6089 Rob Wu discovered a way to bypass the Same Origin Policy.\n\n - CVE-2018-6090 ZhanJia Song discovered a heap overflow issue in the skia library.\n\n - CVE-2018-6091 Jun Kokatsu discovered that plugins could be handled incorrectly.\n\n - CVE-2018-6092 Natalie Silvanovich discovered an integer overflow issue in the WebAssembly implementation.\n\n - CVE-2018-6093 Jun Kokatsu discovered a way to bypass the Same Origin Policy.\n\n - CVE-2018-6094 Chris Rohlf discovered a regression in garbage collection hardening.\n\n - CVE-2018-6095 Abdulrahman Alqabandi discovered files could be uploaded without user interaction.\n\n - CVE-2018-6096 WenXu Wu discovered a user interface spoofing issue.\n\n - CVE-2018-6097 xisigr discovered a user interface spoofing issue.\n\n - CVE-2018-6098 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6099 Jun Kokatsu discovered a way to bypass the Cross Origin Resource Sharing mechanism.\n\n - CVE-2018-6100 Lnyas Zhang discovered a URL spoofing issue.\n\n - CVE-2018-6101 Rob Wu discovered an issue in the developer tools remote debugging protocol.\n\n - CVE-2018-6102 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6103 Khalil Zhani discovered a user interface spoofing issue.\n\n - CVE-2018-6104 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6105 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6106 lokihardt discovered that v8 promises could be handled incorrectly.\n\n - CVE-2018-6107 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6108 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6109 Dominik Weber discovered a way to misuse the FileAPI feature.\n\n - CVE-2018-6110 Wenxiang Qian discovered that local plain text files could be handled incorrectly.\n\n - CVE-2018-6111 Khalil Zhani discovered a use-after-free issue in the developer tools.\n\n - CVE-2018-6112 Khalil Zhani discovered incorrect handling of URLs in the developer tools.\n\n - CVE-2018-6113 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6114 Lnyas Zhang discovered a way to bypass the Content Security Policy.\n\n - CVE-2018-6116 Chengdu Security Response Center discovered an error when memory is low.\n\n - CVE-2018-6117 Spencer Dailey discovered an error in form autofill settings.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-04-30T00:00:00", "type": "nessus", "title": "Debian DSA-4182-1 : chromium-browser - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6056", "CVE-2018-6057", "CVE-2018-6060", "CVE-2018-6061", "CVE-2018-6062", "CVE-2018-6063", "CVE-2018-6064", "CVE-2018-6065", "CVE-2018-6066", "CVE-2018-6067", "CVE-2018-6068", "CVE-2018-6069", "CVE-2018-6070", "CVE-2018-6071", "CVE-2018-6072", "CVE-2018-6073", "CVE-2018-6074", "CVE-2018-6075", "CVE-2018-6076", "CVE-2018-6077", "CVE-2018-6078", "CVE-2018-6079", "CVE-2018-6080", "CVE-2018-6081", "CVE-2018-6082", "CVE-2018-6083", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2019-07-15T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium-browser", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4182.NASL", "href": "https://www.tenable.com/plugins/nessus/109411", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4182. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109411);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/07/15 14:20:30\");\n\n script_cve_id(\"CVE-2018-6056\", \"CVE-2018-6057\", \"CVE-2018-6060\", \"CVE-2018-6061\", \"CVE-2018-6062\", \"CVE-2018-6063\", \"CVE-2018-6064\", \"CVE-2018-6065\", \"CVE-2018-6066\", \"CVE-2018-6067\", \"CVE-2018-6068\", \"CVE-2018-6069\", \"CVE-2018-6070\", \"CVE-2018-6071\", \"CVE-2018-6072\", \"CVE-2018-6073\", \"CVE-2018-6074\", \"CVE-2018-6075\", \"CVE-2018-6076\", \"CVE-2018-6077\", \"CVE-2018-6078\", \"CVE-2018-6079\", \"CVE-2018-6080\", \"CVE-2018-6081\", \"CVE-2018-6082\", \"CVE-2018-6083\", \"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\", \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\", \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6116\", \"CVE-2018-6117\");\n script_xref(name:\"DSA\", value:\"4182\");\n\n script_name(english:\"Debian DSA-4182-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2018-6056\n lokihardt discovered an error in the v8 JavaScript\n library.\n\n - CVE-2018-6057\n Gal Beniamini discovered errors related to shared memory\n permissions.\n\n - CVE-2018-6060\n Omair discovered a use-after-free issue in blink/webkit.\n\n - CVE-2018-6061\n Guang Gong discovered a race condition in the v8\n JavaScript library.\n\n - CVE-2018-6062\n A heap overflow issue was discovered in the v8\n JavaScript library.\n\n - CVE-2018-6063\n Gal Beniamini discovered errors related to shared memory\n permissions.\n\n - CVE-2018-6064\n lokihardt discovered a type confusion error in the v8\n JavaScript library.\n\n - CVE-2018-6065\n Mark Brand discovered an integer overflow issue in the\n v8 JavaScript library.\n\n - CVE-2018-6066\n Masato Kinugawa discovered a way to bypass the Same\n Origin Policy.\n\n - CVE-2018-6067\n Ned Williamson discovered a buffer overflow issue in the\n skia library.\n\n - CVE-2018-6068\n Luan Herrera discovered object lifecycle issues.\n\n - CVE-2018-6069\n Wanglu and Yangkang discovered a stack overflow issue in\n the skia library.\n\n - CVE-2018-6070\n Rob Wu discovered a way to bypass the Content Security\n Policy.\n\n - CVE-2018-6071\n A heap overflow issue was discovered in the skia\n library.\n\n - CVE-2018-6072\n Atte Kettunen discovered an integer overflow issue in\n the pdfium library.\n\n - CVE-2018-6073\n Omair discover a heap overflow issue in the WebGL\n implementation.\n\n - CVE-2018-6074\n Abdulrahman Alqabandi discovered a way to cause a\n downloaded web page to not contain a Mark of the Web.\n\n - CVE-2018-6075\n Inti De Ceukelaire discovered a way to bypass the Same\n Origin Policy.\n\n - CVE-2018-6076\n Mateusz Krzeszowiec discovered that URL fragment\n identifiers could be handled incorrectly.\n\n - CVE-2018-6077\n Khalil Zhani discovered a timing issue.\n\n - CVE-2018-6078\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6079\n Ivars discovered an information disclosure issue.\n\n - CVE-2018-6080\n Gal Beniamini discovered an information disclosure\n issue.\n\n - CVE-2018-6081\n Rob Wu discovered a cross-site scripting issue.\n\n - CVE-2018-6082\n WenXu Wu discovered a way to bypass blocked ports.\n\n - CVE-2018-6083\n Jun Kokatsu discovered that AppManifests could be\n handled incorrectly.\n\n - CVE-2018-6085\n Ned Williamson discovered a use-after-free issue.\n\n - CVE-2018-6086\n Ned Williamson discovered a use-after-free issue.\n\n - CVE-2018-6087\n A use-after-free issue was discovered in the WebAssembly\n implementation.\n\n - CVE-2018-6088\n A use-after-free issue was discovered in the pdfium\n library.\n\n - CVE-2018-6089\n Rob Wu discovered a way to bypass the Same Origin\n Policy.\n\n - CVE-2018-6090\n ZhanJia Song discovered a heap overflow issue in the\n skia library.\n\n - CVE-2018-6091\n Jun Kokatsu discovered that plugins could be handled\n incorrectly.\n\n - CVE-2018-6092\n Natalie Silvanovich discovered an integer overflow issue\n in the WebAssembly implementation.\n\n - CVE-2018-6093\n Jun Kokatsu discovered a way to bypass the Same Origin\n Policy.\n\n - CVE-2018-6094\n Chris Rohlf discovered a regression in garbage\n collection hardening.\n\n - CVE-2018-6095\n Abdulrahman Alqabandi discovered files could be uploaded\n without user interaction.\n\n - CVE-2018-6096\n WenXu Wu discovered a user interface spoofing issue.\n\n - CVE-2018-6097\n xisigr discovered a user interface spoofing issue.\n\n - CVE-2018-6098\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6099\n Jun Kokatsu discovered a way to bypass the Cross Origin\n Resource Sharing mechanism.\n\n - CVE-2018-6100\n Lnyas Zhang discovered a URL spoofing issue.\n\n - CVE-2018-6101\n Rob Wu discovered an issue in the developer tools remote\n debugging protocol.\n\n - CVE-2018-6102\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6103\n Khalil Zhani discovered a user interface spoofing issue.\n\n - CVE-2018-6104\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6105\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6106\n lokihardt discovered that v8 promises could be handled\n incorrectly.\n\n - CVE-2018-6107\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6108\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6109\n Dominik Weber discovered a way to misuse the FileAPI\n feature.\n\n - CVE-2018-6110\n Wenxiang Qian discovered that local plain text files\n could be handled incorrectly.\n\n - CVE-2018-6111\n Khalil Zhani discovered a use-after-free issue in the\n developer tools.\n\n - CVE-2018-6112\n Khalil Zhani discovered incorrect handling of URLs in\n the developer tools.\n\n - CVE-2018-6113\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6114\n Lnyas Zhang discovered a way to bypass the Content\n Security Policy.\n\n - CVE-2018-6116\n Chengdu Security Response Center discovered an error\n when memory is low.\n\n - CVE-2018-6117\n Spencer Dailey discovered an error in form autofill\n settings.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6082\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6083\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6085\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6091\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6113\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6117\"\n );\n # https://security-tracker.debian.org/tracker/source-package/chromium-browser\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e33901a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4182\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the oldstable distribution (jessie), security support for chromium\nhas been discontinued.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 66.0.3359.117-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"chromedriver\", reference:\"66.0.3359.117-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium\", reference:\"66.0.3359.117-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-driver\", reference:\"66.0.3359.117-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-l10n\", reference:\"66.0.3359.117-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-shell\", reference:\"66.0.3359.117-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-widevine\", reference:\"66.0.3359.117-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T11:14:22", "description": "### *Detect date*:\n04/17/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface, gain privileges, execute arbitrary code and perform unspecified attacks.\n\n### *Affected products*:\nGoogle Chrome earlier than 66.0.3359.117\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Google Chrome download page](<https://www.google.com/chrome/browser/desktop/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2018-6085](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6085>)6.8High \n[CVE-2018-6086](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6086>)6.8High \n[CVE-2018-6087](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6087>)6.8High \n[CVE-2018-6088](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6088>)6.8High \n[CVE-2018-6089](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6089>)4.3Warning \n[CVE-2018-6090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6090>)6.8High \n[CVE-2018-6091](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6091>)4.3Warning \n[CVE-2018-6092](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6092>)6.8High \n[CVE-2018-6093](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6093>)4.3Warning \n[CVE-2018-6094](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6094>)6.8High \n[CVE-2018-6095](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6095>)4.3Warning \n[CVE-2018-6096](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6096>)4.3Warning \n[CVE-2018-6097](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6097>)4.3Warning \n[CVE-2018-6098](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6098>)4.3Warning \n[CVE-2018-6099](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6099>)4.3Warning \n[CVE-2018-6100](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6100>)4.3Warning \n[CVE-2018-6101](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6101>)5.1High \n[CVE-2018-6102](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6102>)4.3Warning \n[CVE-2018-6103](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6103>)4.3Warning \n[CVE-2018-6104](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6104>)4.3Warning \n[CVE-2018-6105](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6105>)4.3Warning \n[CVE-2018-6106](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6106>)6.8High \n[CVE-2018-6107](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6107>)4.3Warning \n[CVE-2018-6108](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6108>)4.3Warning \n[CVE-2018-6109](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6109>)4.3Warning \n[CVE-2018-6110](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6110>)5.8High \n[CVE-2018-6111](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6111>)6.8High \n[CVE-2018-6112](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6112>)4.3Warning \n[CVE-2018-6113](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6113>)4.3Warning \n[CVE-2018-6114](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6114>)4.3Warning \n[CVE-2018-6115](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6115>)4.3Warning \n[CVE-2018-6116](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6116>)4.3Warning \n[CVE-2018-6117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6117>)4.3Warning \n[CVE-2018-6084](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6084>)7.2High\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-17T00:00:00", "type": "kaspersky", "title": "KLA11232 Multiple vulnerabilities in Google Chrome", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6084", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2020-06-18T00:00:00", "id": "KLA11232", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11232/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2018-04-21T01:24:13", "description": "This update for Chromium to version 66.0.3359.117 fixes the following\n issues:\n\n Security issues fixed (boo#1090000):\n\n - CVE-2018-6085: Use after free in Disk Cache\n - CVE-2018-6086: Use after free in Disk Cache\n - CVE-2018-6087: Use after free in WebAssembly\n - CVE-2018-6088: Use after free in PDFium\n - CVE-2018-6089: Same origin policy bypass in Service Worker\n - CVE-2018-6090: Heap buffer overflow in Skia\n - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker\n - CVE-2018-6092: Integer overflow in WebAssembly\n - CVE-2018-6093: Same origin bypass in Service Worker\n - CVE-2018-6094: Exploit hardening regression in Oilpan\n - CVE-2018-6095: Lack of meaningful user interaction requirement before\n file upload\n - CVE-2018-6096: Fullscreen UI spoof\n - CVE-2018-6097: Fullscreen UI spoof\n - CVE-2018-6098: URL spoof in Omnibox\n - CVE-2018-6099: CORS bypass in ServiceWorker\n - CVE-2018-6100: URL spoof in Omnibox\n - CVE-2018-6101: Insufficient protection of remote debugging prototol in\n DevTools\n - CVE-2018-6102: URL spoof in Omnibox\n - CVE-2018-6103: UI spoof in Permissions\n - CVE-2018-6104: URL spoof in Omnibox\n - CVE-2018-6105: URL spoof in Omnibox\n - CVE-2018-6106: Incorrect handling of promises in V8\n - CVE-2018-6107: URL spoof in Omnibox\n - CVE-2018-6108: URL spoof in Omnibox\n - CVE-2018-6109: Incorrect handling of files by FileAPI\n - CVE-2018-6110: Incorrect handling of plaintext files via file://\n - CVE-2018-6111: Heap-use-after-free in DevTools\n - CVE-2018-6112: Incorrect URL handling in DevTools\n - CVE-2018-6113: URL spoof in Navigation\n - CVE-2018-6114: CSP bypass\n - CVE-2018-6115: SmartScreen bypass in downloads\n - CVE-2018-6116: Incorrect low memory handling in WebAssembly\n - CVE-2018-6117: Confusing autofill settings\n - Various fixes from internal audits, fuzzing and other initiatives\n\n This update also supports mitigation against the Spectre vulnerabilities:\n "Strict site isolation" is disabled for most users and can be turned on\n via: chrome://flags/#enable-site-per-process This feature is undergoing a\n small percentage trial. Out out of the trial is possible via:\n chrome://flags/#site-isolation-trial-opt-out\n\n The following other changes are included:\n\n - distrust certificates issued by Symantec before 2016-06-01\n - add option to export saved passwords\n - Reduce videos that auto-play with sound\n - boo#1086199: Fix UI freezing when loading/scaling down large images\n\n This update also contains a number of upstream bug fixes and improvements.\n\n", "cvss3": {}, "published": "2018-04-21T00:08:20", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6099", "CVE-2018-6113", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6100", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6109", "CVE-2018-6115", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6089", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6092", "CVE-2018-6111", "CVE-2018-6085"], "modified": "2018-04-21T00:08:20", "id": "OPENSUSE-SU-2018:1042-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00063.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-05-09T17:55:56", "description": "This update for Chromium to version 66.0.3359.139 fixes the following\n issues:\n\n - CVE-2018-6118: Use after free in Media Cache (bsc#1091288)\n - CVE-2018-6085: Use after free in Disk Cache\n - CVE-2018-6086: Use after free in Disk Cache\n - CVE-2018-6087: Use after free in WebAssembly\n - CVE-2018-6088: Use after free in PDFium\n - CVE-2018-6089: Same origin policy bypass in Service Worker\n - CVE-2018-6090: Heap buffer overflow in Skia\n - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker\n - CVE-2018-6092: Integer overflow in WebAssembly\n - CVE-2018-6093: Same origin bypass in Service Worker\n - CVE-2018-6094: Exploit hardening regression in Oilpan\n - CVE-2018-6095: Lack of meaningful user interaction requirement before\n file upload\n - CVE-2018-6096: Fullscreen UI spoof\n - CVE-2018-6097: Fullscreen UI spoof\n - CVE-2018-6098: URL spoof in Omnibox\n - CVE-2018-6099: CORS bypass in ServiceWorker\n - CVE-2018-6100: URL spoof in Omnibox\n - CVE-2018-6101: Insufficient protection of remote debugging prototol in\n DevTools\n - CVE-2018-6102: URL spoof in Omnibox\n - CVE-2018-6103: UI spoof in Permissions\n - CVE-2018-6104: URL spoof in Omnibox\n - CVE-2018-6105: URL spoof in Omnibox\n - CVE-2018-6106: Incorrect handling of promises in V8\n - CVE-2018-6107: URL spoof in Omnibox\n - CVE-2018-6108: URL spoof in Omnibox\n - CVE-2018-6109: Incorrect handling of files by FileAPI\n - CVE-2018-6110: Incorrect handling of plaintext files via file://\n - CVE-2018-6111: Heap-use-after-free in DevTools\n - CVE-2018-6112: Incorrect URL handling in DevTools\n - CVE-2018-6113: URL spoof in Navigation\n - CVE-2018-6114: CSP bypass\n - CVE-2018-6115: SmartScreen bypass in downloads\n - CVE-2018-6116: Incorrect low memory handling in WebAssembly\n - CVE-2018-6117: Confusing autofill settings\n - CVE-2017-11215: Use after free in Flash\n - CVE-2017-11225: Use after free in Flash\n - CVE-2018-6060: Use after free in Blink\n - CVE-2018-6061: Race condition in V8\n - CVE-2018-6062: Heap buffer overflow in Skia\n - CVE-2018-6057: Incorrect permissions on shared memory\n - CVE-2018-6063: Incorrect permissions on shared memory\n - CVE-2018-6064: Type confusion in V8\n - CVE-2018-6065: Integer overflow in V8\n - CVE-2018-6066: Same Origin Bypass via canvas\n - CVE-2018-6067: Buffer overflow in Skia\n - CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab\n - CVE-2018-6069: Stack buffer overflow in Skia\n - CVE-2018-6070: CSP bypass through extensions\n - CVE-2018-6071: Heap bufffer overflow in Skia\n - CVE-2018-6072: Integer overflow in PDFium\n - CVE-2018-6073: Heap bufffer overflow in WebGL\n - CVE-2018-6074: Mark-of-the-Web bypass\n - CVE-2018-6075: Overly permissive cross origin downloads\n - CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink\n - CVE-2018-6077: Timing attack using SVG filters\n - CVE-2018-6078: URL Spoof in OmniBox\n - CVE-2018-6079: Information disclosure via texture data in WebGL\n - CVE-2018-6080: Information disclosure in IPC call\n - CVE-2018-6081: XSS in interstitials\n - CVE-2018-6082: Circumvention of port blocking\n - CVE-2018-6083: Incorrect processing of AppManifests\n - bsc#1086124: Various fixes from internal audits, fuzzing and other\n initiatives\n\n This update also supports mitigation against the Spectre vulnerabilities:\n\n "Strict site isolation" is disabled for most users and can be turned on\n via: chrome://flags/#enable-site-per-process\n\n This feature is undergoing a small percentage trial. Out out of the trial\n is possible via: chrome://flags/#site-isolation-trial-opt-out\n\n", "cvss3": {}, "published": "2018-05-09T15:07:28", "type": "suse", "title": "Security update for Chromium (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-6069", "CVE-2018-6078", "CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6081", "CVE-2018-6099", "CVE-2017-11215", "CVE-2018-6113", "CVE-2018-6080", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6083", "CVE-2018-6100", "CVE-2018-6082", "CVE-2018-6057", "CVE-2018-6070", "CVE-2018-6074", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6109", "CVE-2018-6073", "CVE-2018-6115", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6061", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6072", "CVE-2018-6068", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6065", "CVE-2018-6089", "CVE-2017-11225", "CVE-2018-6062", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6067", "CVE-2018-6092", "CVE-2018-6071", "CVE-2018-6066", "CVE-2018-6075", "CVE-2018-6064", "CVE-2018-6077", "CVE-2018-6076", "CVE-2018-6111", "CVE-2018-6085", "CVE-2018-6079", "CVE-2018-6060", "CVE-2018-6063"], "modified": "2018-05-09T15:07:28", "id": "OPENSUSE-SU-2018:1175-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00009.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-05-28T01:40:25", "description": "This update for Chromium to version 66.0.3359.181 fixes the following\n issues:\n\n - CVE-2018-6118: Use after free in Media Cache (bsc#1091288)\n - CVE-2018-6085: Use after free in Disk Cache\n - CVE-2018-6086: Use after free in Disk Cache\n - CVE-2018-6087: Use after free in WebAssembly\n - CVE-2018-6088: Use after free in PDFium\n - CVE-2018-6089: Same origin policy bypass in Service Worker\n - CVE-2018-6090: Heap buffer overflow in Skia\n - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker\n - CVE-2018-6092: Integer overflow in WebAssembly\n - CVE-2018-6093: Same origin bypass in Service Worker\n - CVE-2018-6094: Exploit hardening regression in Oilpan\n - CVE-2018-6095: Lack of meaningful user interaction requirement before\n file upload\n - CVE-2018-6096: Fullscreen UI spoof\n - CVE-2018-6097: Fullscreen UI spoof\n - CVE-2018-6098: URL spoof in Omnibox\n - CVE-2018-6099: CORS bypass in ServiceWorker\n - CVE-2018-6100: URL spoof in Omnibox\n - CVE-2018-6101: Insufficient protection of remote debugging prototol in\n DevTools\n - CVE-2018-6102: URL spoof in Omnibox\n - CVE-2018-6103: UI spoof in Permissions\n - CVE-2018-6104: URL spoof in Omnibox\n - CVE-2018-6105: URL spoof in Omnibox\n - CVE-2018-6106: Incorrect handling of promises in V8\n - CVE-2018-6107: URL spoof in Omnibox\n - CVE-2018-6108: URL spoof in Omnibox\n - CVE-2018-6109: Incorrect handling of files by FileAPI\n - CVE-2018-6110: Incorrect handling of plaintext files via file://\n - CVE-2018-6111: Heap-use-after-free in DevTools\n - CVE-2018-6112: Incorrect URL handling in DevTools\n - CVE-2018-6113: URL spoof in Navigation\n - CVE-2018-6114: CSP bypass\n - CVE-2018-6115: SmartScreen bypass in downloads\n - CVE-2018-6116: Incorrect low memory handling in WebAssembly\n - CVE-2018-6117: Confusing autofill settings\n - CVE-2017-11215: Use after free in Flash\n - CVE-2017-11225: Use after free in Flash\n - CVE-2018-6060: Use after free in Blink\n - CVE-2018-6061: Race condition in V8\n - CVE-2018-6062: Heap buffer overflow in Skia\n - CVE-2018-6057: Incorrect permissions on shared memory\n - CVE-2018-6063: Incorrect permissions on shared memory\n - CVE-2018-6064: Type confusion in V8\n - CVE-2018-6065: Integer overflow in V8\n - CVE-2018-6066: Same Origin Bypass via canvas\n - CVE-2018-6067: Buffer overflow in Skia\n - CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab\n - CVE-2018-6069: Stack buffer overflow in Skia\n - CVE-2018-6070: CSP bypass through extensions\n - CVE-2018-6071: Heap bufffer overflow in Skia\n - CVE-2018-6072: Integer overflow in PDFium\n - CVE-2018-6073: Heap bufffer overflow in WebGL\n - CVE-2018-6074: Mark-of-the-Web bypass\n - CVE-2018-6075: Overly permissive cross origin downloads\n - CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink\n - CVE-2018-6077: Timing attack using SVG filters\n - CVE-2018-6078: URL Spoof in OmniBox\n - CVE-2018-6079: Information disclosure via texture data in WebGL\n - CVE-2018-6080: Information disclosure in IPC call\n - CVE-2018-6081: XSS in interstitials\n - CVE-2018-6082: Circumvention of port blocking\n - CVE-2018-6083: Incorrect processing of AppManifests\n - CVE-2018-6121: Privilege Escalation in extensions\n - CVE-2018-6122: Type confusion in V8\n - CVE-2018-6120: Heap buffer overflow in PDFium\n - bsc#1086124: Various fixes from internal audits, fuzzing and other\n initiatives\n\n This update also supports mitigation against the Spectre vulnerabilities:\n\n "Strict site isolation" is disabled for most users and can be turned on\n via: chrome://flags/#enable-site-per-process\n\n This feature is undergoing a small percentage trial. Out out of the trial\n is possible via: chrome://flags/#site-isolation-trial-opt-out\n\n\n The following tracked packaging bug were fixed:\n\n - Chromium could not be installed from SUSE PackageHub 12 without having\n the SDK enabled (bsc#1070421)\n - Chromium could not be installed when libminizip1 was not available\n (bsc#1093031)\n\n", "cvss3": {}, "published": "2018-05-27T18:06:43", "type": "suse", "title": "Security update for Chromium (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-6069", "CVE-2018-6078", "CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6081", "CVE-2018-6099", "CVE-2017-11215", "CVE-2018-6120", "CVE-2018-6113", "CVE-2018-6080", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6083", "CVE-2018-6100", "CVE-2018-6082", "CVE-2018-6057", "CVE-2018-6070", "CVE-2018-6074", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6109", "CVE-2018-6073", "CVE-2018-6115", "CVE-2018-6122", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6061", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6072", "CVE-2018-6068", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6065", "CVE-2018-6089", "CVE-2017-11225", "CVE-2018-6062", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6067", "CVE-2018-6092", "CVE-2018-6071", "CVE-2018-6121", "CVE-2018-6066", "CVE-2018-6075", "CVE-2018-6064", "CVE-2018-6077", "CVE-2018-6076", "CVE-2018-6111", "CVE-2018-6085", "CVE-2018-6079", "CVE-2018-6060", "CVE-2018-6063"], "modified": "2018-05-27T18:06:43", "id": "OPENSUSE-SU-2018:1437-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00105.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-07-19T21:54:08", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-04-18T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6099", "CVE-2018-6113", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6100", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6109", "CVE-2018-6115", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6089", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6092", "CVE-2018-6111", "CVE-2018-6085"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310813095", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813095", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-Linux\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813095\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\",\n \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\",\n \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\",\n \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\",\n \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\",\n \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\",\n \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\",\n \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\",\n \"CVE-2018-6117\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-18 14:30:38 +0530 (Wed, 18 Apr 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple use after free errors in 'Disk Cache', 'WebAssembly' and 'PDFium'.\n\n - A same origin policy bypass error in Service Worker.\n\n - A heap buffer overflow error in Skia.\n\n - An incorrect handling of plug-ins by Service Worker.\n\n - An integer overflow error in WebAssembly.\n\n - Multiple UI spoofing errors.\n\n - Multiple URL spoofing errors in Omnibox.\n\n - An insufficient protection of remote debugging prototol in DevTools.\n\n - An incorrect handling of promises in V8, files by FileAPI, plaintext files\n via file://.\n\n - An incorrect low memory handling in WebAssembly.\n\n - A content security policy bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct spoofing attacks, bypass security restrictions, cause\n denial of service condition and also some unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 66.0.3359.117 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 66.0.3359.117 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:vers, test_version:\"66.0.3359.117\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:\"66.0.3359.117\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T21:52:44", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-04-18T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6099", "CVE-2018-6113", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6100", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6109", "CVE-2018-6115", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6089", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6092", "CVE-2018-6111", "CVE-2018-6085"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310813094", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813094", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-Windows\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813094\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\",\n \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\",\n \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\",\n \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\",\n \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\",\n \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\",\n \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\",\n \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\",\n \"CVE-2018-6117\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-18 14:30:38 +0530 (Wed, 18 Apr 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple use after free errors in 'Disk Cache', 'WebAssembly' and 'PDFium'.\n\n - A same origin policy bypass error in Service Worker.\n\n - A heap buffer overflow error in Skia.\n\n - An incorrect handling of plug-ins by Service Worker.\n\n - An integer overflow error in WebAssembly.\n\n - Multiple UI spoofing errors.\n\n - Multiple URL spoofing errors in Omnibox.\n\n - An insufficient protection of remote debugging prototol in DevTools.\n\n - An incorrect handling of promises in V8, files by FileAPI, plaintext files\n via 'file://'.\n\n - An incorrect low memory handling in WebAssembly.\n\n - A content security policy bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct spoofing attacks, bypass security restrictions, cause\n denial of service condition and also some unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 66.0.3359.117 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 66.0.3359.117 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:vers, test_version:\"66.0.3359.117\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:\"66.0.3359.117\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:36:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-04-21T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2018:1042-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6099", "CVE-2018-6113", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6100", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6109", "CVE-2018-6115", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6089", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6092", "CVE-2018-6111", "CVE-2018-6085"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851732", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851732", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851732\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-04-21 08:59:09 +0200 (Sat, 21 Apr 2018)\");\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\",\n \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\",\n \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\",\n \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\",\n \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\",\n \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\",\n \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\",\n \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\",\n \"CVE-2018-6117\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2018:1042-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for Chromium to version 66.0.3359.117 fixes the following\n issues:\n\n Security issues fixed (boo#1090000):\n\n - CVE-2018-6085: Use after free in Disk Cache\n\n - CVE-2018-6086: Use after free in Disk Cache\n\n - CVE-2018-6087: Use after free in WebAssembly\n\n - CVE-2018-6088: Use after free in PDFium\n\n - CVE-2018-6089: Same origin policy bypass in Service Worker\n\n - CVE-2018-6090: Heap buffer overflow in Skia\n\n - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker\n\n - CVE-2018-6092: Integer overflow in WebAssembly\n\n - CVE-2018-6093: Same origin bypass in Service Worker\n\n - CVE-2018-6094: Exploit hardening regression in Oilpan\n\n - CVE-2018-6095: Lack of meaningful user interaction requirement before\n file upload\n\n - CVE-2018-6096: Fullscreen UI spoof\n\n - CVE-2018-6097: Fullscreen UI spoof\n\n - CVE-2018-6098: URL spoof in Omnibox\n\n - CVE-2018-6099: CORS bypass in ServiceWorker\n\n - CVE-2018-6100: URL spoof in Omnibox\n\n - CVE-2018-6101: Insufficient protection of remote debugging prototol in\n DevTools\n\n - CVE-2018-6102: URL spoof in Omnibox\n\n - CVE-2018-6103: UI spoof in Permissions\n\n - CVE-2018-6104: URL spoof in Omnibox\n\n - CVE-2018-6105: URL spoof in Omnibox\n\n - CVE-2018-6106: Incorrect handling of promises in V8\n\n - CVE-2018-6107: URL spoof in Omnibox\n\n - CVE-2018-6108: URL spoof in Omnibox\n\n - CVE-2018-6109: Incorrect handling of files by FileAPI\n\n - CVE-2018-6110: Incorrect handling of plaintext files via file://\n\n - CVE-2018-6111: Heap-use-after-free in DevTools\n\n - CVE-2018-6112: Incorrect URL handling in DevTools\n\n - CVE-2018-6113: URL spoof in Navigation\n\n - CVE-2018-6114: CSP bypass\n\n - CVE-2018-6115: SmartScreen bypass in downloads\n\n - CVE-2018-6116: Incorrect low memory handling in WebAssembly\n\n - CVE-2018-6117: Confusing autofill settings\n\n - Various fixes from internal audits, fuzzing and other initiatives\n\n This update also supports mitigation against the Spectre vulnerabilities:\n 'Strict site isolation' is disabled for most users and can be turned on\n via: chrome://flags/#enable-site-per-process This feature is undergoing a\n small percentage trial. Out out of the trial is possible via:\n chrome://flags/#site-isolation-trial-opt-out\n\n The following other changes are included:\n\n - distrust certificates issued by Symantec before 2016-06-01\n\n - add option to export saved passwords\n\n - Reduce videos that auto-play with sound\n\n - boo#1086199: Fix UI freezing when loading/scaling down large images\n\n This update also contains a number of upstream bug fixes and improvements.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the S ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1042-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-04/msg00063.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~66.0.3359.117~152.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~66.0.3359.117~152.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~66.0.3359.117~152.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~66.0.3359.117~152.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~66.0.3359.117~152.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-19T21:52:13", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-04-18T00:00:00", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6084", "CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6099", "CVE-2018-6113", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6100", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6109", "CVE-2018-6115", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6089", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6092", "CVE-2018-6111", "CVE-2018-6085"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310813096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813096", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-MAC OS X\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813096\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\",\n \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\",\n \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\",\n \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\",\n \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\",\n \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\",\n \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\",\n \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6115\", \"CVE-2018-6116\",\n \"CVE-2018-6117\", \"CVE-2018-6084\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-18 14:30:38 +0530 (Wed, 18 Apr 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-04)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - Multiple use after free errors in 'Disk Cache', 'WebAssembly' and 'PDFium'.\n\n - A same origin policy bypass error in Service Worker.\n\n - A heap buffer overflow error in Skia.\n\n - An incorrect handling of plug-ins by Service Worker.\n\n - An integer overflow error in WebAssembly.\n\n - Multiple UI spoofing errors.\n\n - Multiple URL spoofing errors in Omnibox.\n\n - An insufficient protection of remote debugging prototol in DevTools.\n\n - An incorrect handling of promises in V8, files by FileAPI, plaintext files\n via 'file://'.\n\n - An incorrect low memory handling in WebAssembly.\n\n - A content security policy bypass error.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct spoofing attacks, bypass security restrictions, cause\n denial of service condition and also some unspecified impacts.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 66.0.3359.117 on MAC OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 66.0.3359.117 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvers = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:vers, test_version:\"66.0.3359.117\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:\"66.0.3359.117\", install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-05T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2018-94e1bc8c23", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6099", "CVE-2018-6120", "CVE-2018-6113", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6100", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6109", "CVE-2018-6115", "CVE-2018-6122", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6089", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6092", "CVE-2018-6121", "CVE-2018-6111", "CVE-2018-6085"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874635", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874635", "sourceData": " ###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_94e1bc8c23_chromium_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for chromium FEDORA-2018-94e1bc8c23\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874635\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-05 14:03:12 +0530 (Tue, 05 Jun 2018)\");\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\",\n \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\",\n \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\",\n \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\",\n \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\",\n \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\",\n \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\",\n \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6116\", \"CVE-2018-6117\",\n \"CVE-2018-6118\", \"CVE-2018-6121\", \"CVE-2018-6122\", \"CVE-2018-6120\",\n \"CVE-2018-6115\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2018-94e1bc8c23\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-94e1bc8c23\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FV3FJ4MT2NVIWCXYD5H43NB4FENSAMGN\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~66.0.3359.181~2.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-06T00:00:00", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2018-812b5d5a71", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6099", "CVE-2018-6120", "CVE-2018-6113", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6100", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6109", "CVE-2018-6115", "CVE-2018-6122", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6089", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6092", "CVE-2018-6121", "CVE-2018-6111", "CVE-2018-6085"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874648", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874648", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_812b5d5a71_chromium_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for chromium FEDORA-2018-812b5d5a71\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874648\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-06 10:24:11 +0200 (Wed, 06 Jun 2018)\");\n script_cve_id(\"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\",\n \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\",\n \"CVE-2018-6093\", \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\",\n \"CVE-2018-6097\", \"CVE-2018-6098\", \"CVE-2018-6099\", \"CVE-2018-6100\",\n \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\", \"CVE-2018-6104\",\n \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\",\n \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\",\n \"CVE-2018-6113\", \"CVE-2018-6114\", \"CVE-2018-6116\", \"CVE-2018-6117\",\n \"CVE-2018-6118\", \"CVE-2018-6121\", \"CVE-2018-6122\", \"CVE-2018-6120\",\n \"CVE-2018-6115\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2018-812b5d5a71\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-812b5d5a71\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N3R4UPGKKZ56KTGNOT2UBMDZTWJQWIM3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~66.0.3359.181~2.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:56:12", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-6056\nlokihardt discovered an error in the v8 javascript library.\n\nCVE-2018-6057\nGal Beniamini discovered errors related to shared memory permissions.\n\nCVE-2018-6060\nOmair discovered a use-after-free issue in blink/webkit.\n\nCVE-2018-6061\nGuang Gong discovered a race condition in the v8 javascript library.\n\nDescription truncated. Please see the references for more information.", "cvss3": {}, "published": "2018-04-28T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4182-1 (chromium-browser - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6069", "CVE-2018-6078", "CVE-2018-6097", "CVE-2018-6103", "CVE-2018-6081", "CVE-2018-6099", "CVE-2018-6113", "CVE-2018-6080", "CVE-2018-6091", "CVE-2018-6104", "CVE-2018-6096", "CVE-2018-6083", "CVE-2018-6100", "CVE-2018-6082", "CVE-2018-6057", "CVE-2018-6070", "CVE-2018-6074", "CVE-2018-6098", "CVE-2018-6112", "CVE-2018-6110", "CVE-2018-6108", "CVE-2018-6102", "CVE-2018-6056", "CVE-2018-6114", "CVE-2018-6117", "CVE-2018-6109", "CVE-2018-6073", "CVE-2018-6095", "CVE-2018-6105", "CVE-2018-6093", "CVE-2018-6087", "CVE-2018-6061", "CVE-2018-6116", "CVE-2018-6106", "CVE-2018-6090", "CVE-2018-6072", "CVE-2018-6068", "CVE-2018-6088", "CVE-2018-6094", "CVE-2018-6065", "CVE-2018-6089", "CVE-2018-6062", "CVE-2018-6101", "CVE-2018-6107", "CVE-2018-6086", "CVE-2018-6067", "CVE-2018-6092", "CVE-2018-6071", "CVE-2018-6066", "CVE-2018-6075", "CVE-2018-6064", "CVE-2018-6077", "CVE-2018-6076", "CVE-2018-6111", "CVE-2018-6085", "CVE-2018-6079", "CVE-2018-6060", "CVE-2018-6063"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704182", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4182-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704182\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-6056\", \"CVE-2018-6057\", \"CVE-2018-6060\", \"CVE-2018-6061\", \"CVE-2018-6062\",\n \"CVE-2018-6063\", \"CVE-2018-6064\", \"CVE-2018-6065\", \"CVE-2018-6066\", \"CVE-2018-6067\",\n \"CVE-2018-6068\", \"CVE-2018-6069\", \"CVE-2018-6070\", \"CVE-2018-6071\", \"CVE-2018-6072\",\n \"CVE-2018-6073\", \"CVE-2018-6074\", \"CVE-2018-6075\", \"CVE-2018-6076\", \"CVE-2018-6077\",\n \"CVE-2018-6078\", \"CVE-2018-6079\", \"CVE-2018-6080\", \"CVE-2018-6081\", \"CVE-2018-6082\",\n \"CVE-2018-6083\", \"CVE-2018-6085\", \"CVE-2018-6086\", \"CVE-2018-6087\", \"CVE-2018-6088\",\n \"CVE-2018-6089\", \"CVE-2018-6090\", \"CVE-2018-6091\", \"CVE-2018-6092\", \"CVE-2018-6093\",\n \"CVE-2018-6094\", \"CVE-2018-6095\", \"CVE-2018-6096\", \"CVE-2018-6097\", \"CVE-2018-6098\",\n \"CVE-2018-6099\", \"CVE-2018-6100\", \"CVE-2018-6101\", \"CVE-2018-6102\", \"CVE-2018-6103\",\n \"CVE-2018-6104\", \"CVE-2018-6105\", \"CVE-2018-6106\", \"CVE-2018-6107\", \"CVE-2018-6108\",\n \"CVE-2018-6109\", \"CVE-2018-6110\", \"CVE-2018-6111\", \"CVE-2018-6112\", \"CVE-2018-6113\",\n \"CVE-2018-6114\", \"CVE-2018-6116\", \"CVE-2018-6117\");\n script_name(\"Debian Security Advisory DSA 4182-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-04-28 00:00:00 +0200 (Sat, 28 Apr 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4182.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), security support for chromium\nhas been discontinued.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 66.0.3359.117-1~deb9u1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/chromium-browser\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-6056\nlokihardt discovered an error in the v8 javascript library.\n\nCVE-2018-6057\nGal Beniamini discovered errors related to shared memory permissions.\n\nCVE-2018-6060\nOmair discovered a use-after-free issue in blink/webkit.\n\nCVE-2018-6061\nGuang Gong discovered a race condition in the v8 javascript library.\n\nDescription truncated. Please see the references for more information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"chromedriver\", ver:\"66.0.3359.117-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium\", ver:\"66.0.3359.117-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-driver\", ver:\"66.0.3359.117-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"66.0.3359.117-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-shell\", ver:\"66.0.3359.117-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-widevine\", ver:\"66.0.3359.117-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:39:46", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 66.0.3359.117.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6085)\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6086)\n\n* chromium-browser: Use after free in WebAssembly (CVE-2018-6087)\n\n* chromium-browser: Use after free in PDFium (CVE-2018-6088)\n\n* chromium-browser: Same origin policy bypass in Service Worker (CVE-2018-6089)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2018-6090)\n\n* chromium-browser: Incorrect handling of plug-ins by Service Worker (CVE-2018-6091)\n\n* chromium-browser: Integer overflow in WebAssembly (CVE-2018-6092)\n\n* chromium-browser: Same origin bypass in Service Worker (CVE-2018-6093)\n\n* chromium-browser: Exploit hardening regression in Oilpan (CVE-2018-6094)\n\n* chromium-browser: Lack of meaningful user interaction requirement before file upload (CVE-2018-6095)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6096)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6097)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6098)\n\n* chromium-browser: CORS bypass in ServiceWorker (CVE-2018-6099)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6100)\n\n* chromium-browser: Insufficient protection of remote debugging prototol in DevTools (CVE-2018-6101)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6102)\n\n* chromium-browser: UI spoof in Permissions (CVE-2018-6103)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6104)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6105)\n\n* chromium-browser: Incorrect handling of promises in V8 (CVE-2018-6106)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6107)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6108)\n\n* chromium-browser: Incorrect handling of files by FileAPI (CVE-2018-6109)\n\n* chromium-browser: Incorrect handling of plaintext files via file:// (CVE-2018-6110)\n\n* chromium-browser: Heap-use-after-free in DevTools (CVE-2018-6111)\n\n* chromium-browser: Incorrect URL handling in DevTools (CVE-2018-6112)\n\n* chromium-browser: URL spoof in Navigation (CVE-2018-6113)\n\n* chromium-browser: CSP bypass (CVE-2018-6114)\n\n* chromium-browser: Incorrect low memory handling in WebAssembly (CVE-2018-6116)\n\n* chromium-browser: Confusing autofill settings (CVE-2018-6117)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-23T12:24:32", "type": "redhat", "title": "(RHSA-2018:1195) Critical: chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2018-06-07T14:21:47", "id": "RHSA-2018:1195", "href": "https://access.redhat.com/errata/RHSA-2018:1195", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nGoogle Chrome Releases reports:\n\n62 security fixes in this release:\n\n[826626] Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28\n[827492] Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30\n[813876] High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20\n[822091] High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15\n[808838] High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04\n[820913] High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12\n[771933] High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05\n[819869] High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08\n[780435] Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01\n[633030] Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01\n[637098] Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11\n[776418] Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19\n[806162] Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26\n[798892] Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03\n[808825] Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03\n[811117] Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11\n[813540] Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19\n[813814] Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20\n[816033] Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24\n[820068] Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08\n[803571] Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18\n[805729] Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25\n[808316] Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02\n[816769] Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27\n[710190] Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10\n[777737] Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24\n[780694] Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02\n[798096] Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29\n[805900] Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25\n[811691] Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13\n[819809] Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07\n[822266] Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15\n[822465] Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15\n[822424] Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15\n\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-10T00:00:00", "type": "freebsd", "title": "chromium -- vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6084", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2017-04-10T00:00:00", "id": "36FF7A74-47B1-11E8-A7D6-54E1AD544088", "href": "https://vuxml.freebsd.org/freebsd/36ff7a74-47b1-11e8-a7d6-54e1ad544088.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:04:22", "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. \n\nGoogle Chrome is one fast, simple, and secure browser for all your devices. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrome Releases for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, bypass content security controls, or conduct URL spoofing. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-66.0.3359.117\"\n \n\nAll Google Chrome users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/google-chrome-66.0.3359.117\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-24T00:00:00", "type": "gentoo", "title": "Chromium, Google Chrome: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2018-04-24T00:00:00", "id": "GLSA-201804-22", "href": "https://security.gentoo.org/glsa/201804-22", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-05T14:11:33", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: chromium-66.0.3359.181-2.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6120", "CVE-2018-6121", "CVE-2018-6122"], "modified": "2018-06-05T14:11:33", "id": "FEDORA:D76706163D5A", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-31T14:42:50", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: chromium-66.0.3359.181-2.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6120", "CVE-2018-6121", "CVE-2018-6122"], "modified": "2018-05-31T14:42:50", "id": "FEDORA:3A1D860C5983", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "chrome": [{"lastseen": "2021-12-30T22:32:47", "description": "The Chrome team is delighted to announce the promotion of Chrome 66 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. \n\n\n\nChrome 66.0.3359.117 contains a number of fixes and improvements -- a list of changes is available in the [log](<https://chromium.googlesource.com/chromium/src/+log/65.0.3325.181..66.0.3359.117?pretty=fuller&n=10000>). Watch out for upcoming[ Chrome](<https://chrome.blogspot.com/>) and[ Chromium](<https://blog.chromium.org/>) blog posts about new features and big efforts delivered in 66. \n\n\n\n\n\n**Site Isolation Trial**\n\n** \n**Chrome 66 will include a small percentage trial of [Site Isolation](<https://www.chromium.org/Home/chromium-security/site-isolation>), to prepare for a broader upcoming launch. Site Isolation improves Chrome's security and [helps mitigate the risks posed by Spectre](<https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>).\n\n\nTo diagnose whether an issue is caused by Site Isolation, use chrome://flags#site-isolation-trial-opt-out as described [here](<https://www.chromium.org/Home/chromium-security/site-isolation#TOC-Diagnosing-Issues>). Please [report](<https://goo.gl/XBoKtY>) any trial-specific issues to help us fix them before Site Isolation is launched more broadly.\n\n\n**Security Fixes and Rewards** \n** \n** Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed. \n\nChrome 66 will not trust website certificates issued by Symantec's legacy PKI before June 1st 2016, continuing the phased distrust outlined in our [previous announcements](<https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html>). \n\nThis update includes [62](<https://bugs.chromium.org/p/chromium/issues/list?can=1&q=type%3Abug-security+os%3DAndroid%2Cios%2Clinux%2Cmac%2Cwindows%2Call+label%3ARelease-0-M66>) security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the [Chrome Security Page](<http://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. \n\n[$TBD][[826626](<https://crbug.com/826626>)] Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28 \n[$TBD][[827492](<https://crbug.com/827492>)] Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30 \n[$7500][[813876](<https://crbug.com/813876>)] High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20 \n[$5000][[822091](<https://crbug.com/822091>)] High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15 \n[$4500][[808838](<https://crbug.com/808838>)] High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04 \n[$3000][[820913](<https://crbug.com/820913>)] High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12 \n[$500][[771933](<https://crbug.com/771933>)] High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05 \n[$N/A][[819869](<https://crbug.com/819869>)] High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08 \n[$4000][[780435](<https://crbug.com/780435>)] Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01 \n[$2000][[805445](<https://crbug.com/805445>)] Medium CVE-2018-6152: Local file write in DevTools. Reported by Rob Wu on 2018-01-24 \n[$2000][[633030](<https://crbug.com/633030>)] Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01 \n[$2000][[637098](<https://crbug.com/637098>)] Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11 \n[$1000][[812667](<https://crbug.com/812667>)] Medium CVE-2018-6150: Cross origin information disclosure in Service Workers. Reported by Rob Wu on 2018-02-15 \n[$1000][[776418](<https://crbug.com/776418>)] Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19 \n[$1000][[806162](<https://crbug.com/806162>)] Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26 \n\n[$500][[805905](<https://crbug.com/805905>)] Medium CVE-2018-6151: Bad cast in DevTools. Reported by Rob Wu on 2018-01-25 \n[$500][[798892](<https://crbug.com/798892>)] Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03 \n[$500][[808825](<https://crbug.com/808825>)] Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03 \n[$500][[811117](<https://crbug.com/811117>)] Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11 \n[$500][[813540](<https://crbug.com/813540>)] Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19 \n[$500][[813814](<https://crbug.com/813814>)] Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20 \n[$500][[816033](<https://crbug.com/816033>)] Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24 \n[$500][[820068](<https://crbug.com/820068>)] Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08 \n[$N/A][[803571](<https://crbug.com/803571>)] Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18 \n[$N/A][[805729](<https://crbug.com/805729>)] Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25 \n[$N/A][[808316](<https://crbug.com/808316>)] Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02 \n[$N/A][[816769](<https://crbug.com/816769>)] Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27 \n[$N/A][[710190](<https://crbug.com/710190>)] Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10 \n[$N/A][[777737](<https://crbug.com/777737>)] Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24 \n[$N/A][[780694](<https://crbug.com/780694>)] Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02 \n[$N/A][[798096](<https://crbug.com/798096>)] Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29 \n[$N/A][[805900](<https://crbug.com/805900>)] Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25 \n[$N/A][[811691](<https://crbug.com/811691>)] Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13 \n[$TBD][[819809](<https://crbug.com/819809>)] Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07 \n[$N/A][[822266](<https://crbug.com/822266>)] Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15 \n[$N/A][[822465](<https://crbug.com/822465>)] Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15 \n[$N/A][[822424](<https://crbug.com/822424>)] Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15 \n\nWe would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. \nAs usual, our ongoing internal security work was responsible for a wide range of fixes: \n\n\n * [[833889](<https://crbug.com/833889>)] Various fixes from internal audits, fuzzing and other initiatives\nMany of our security bugs are detected using [AddressSanitizer](<http://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>), [MemorySanitizer](<https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer>), [UndefinedBehaviorSanitizer](<https://www.chromium.org/developers/testing/undefinedbehaviorsanitizer>), [Control Flow Integrity](<https://sites.google.com/a/chromium.org/dev/developers/testing/control-flow-integrity>), [libFuzzer](<https://sites.google.com/a/chromium.org/dev/developers/testing/libfuzzer>), or [AFL](<http://lcamtuf.coredump.cx/afl/>). \n\n\nAbdul Syed \nGoogle Chrome", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 6.0}, "published": "2018-04-17T00:00:00", "type": "chrome", "title": "Stable Channel Update for Desktop", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6084", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117", "CVE-2018-6150", "CVE-2018-6151", "CVE-2018-6152"], "modified": "2018-04-17T00:00:00", "id": "GCSA-2158845341400298535", "href": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2021-10-21T19:01:52", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4182-1 security@debian.org\nhttps://www.debian.org/security/ Michael Gilbert\nApril 28, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2018-6056 CVE-2018-6057 CVE-2018-6060 CVE-2018-6061\n CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065\n CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069\n CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073\n CVE-2018-6074 CVE-2018-6075 CVE-2018-6076 CVE-2018-6077\n CVE-2018-6078 CVE-2018-6079 CVE-2018-6080 CVE-2018-6081\n CVE-2018-6082 CVE-2018-6083 CVE-2018-6085 CVE-2018-6086\n CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090\n CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094\n CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098\n CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102\n CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106\n CVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110\n CVE-2018-6111 CVE-2018-6112 CVE-2018-6113 CVE-2018-6114\n CVE-2018-6116 CVE-2018-6117\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-6056\n\n lokihardt discovered an error in the v8 javascript library.\n\nCVE-2018-6057\n\n Gal Beniamini discovered errors related to shared memory permissions.\n\nCVE-2018-6060\n\n Omair discovered a use-after-free issue in blink/webkit.\n\nCVE-2018-6061\n\n Guang Gong discovered a race condition in the v8 javascript library.\n\nCVE-2018-6062\n\n A heap overflow issue was discovered in the v8 javascript library.\n\nCVE-2018-6063\n\n Gal Beniamini discovered errors related to shared memory permissions.\n\nCVE-2018-6064\n\n lokihardt discovered a type confusion error in the v8 javascript\n library.\n\nCVE-2018-6065\n\n Mark Brand discovered an integer overflow issue in the v8 javascript\n library.\n\nCVE-2018-6066\n\n Masato Kinugawa discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6067\n\n Ned Williamson discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6068\n\n Luan Herrera discovered object lifecycle issues.\n\nCVE-2018-6069\n\n Wanglu and Yangkang discovered a stack overflow issue in the skia\n library.\n\nCVE-2018-6070\n\n Rob Wu discovered a way to bypass the Content Security Policy.\n\nCVE-2018-6071\n\n A heap overflow issue was discovered in the skia library.\n\nCVE-2018-6072\n\n Atte Kettunen discovered an integer overflow issue in the pdfium\n library.\n\nCVE-2018-6073\n\n Omair discover a heap overflow issue in the WebGL implementation.\n\nCVE-2018-6074\n\n Abdulrahman Alqabandi discovered a way to cause a downloaded web page\n to not contain a Mark of the Web.\n\nCVE-2018-6075\n\n Inti De Ceukelaire discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6076\n\n Mateusz Krzeszowiec discovered that URL fragment identifiers could be\n handled incorrectly.\n\nCVE-2018-6077\n\n Khalil Zhani discovered a timing issue.\n\nCVE-2018-6078\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6079\n\n Ivars discovered an information disclosure issue.\n\nCVE-2018-6080\n\n Gal Beniamini discovered an information disclosure issue.\n\nCVE-2018-6081\n\n Rob Wu discovered a cross-site scripting issue.\n\nCVE-2018-6082\n\n WenXu Wu discovered a way to bypass blocked ports.\n\nCVE-2018-6083\n\n Jun Kokatsu discovered that AppManifests could be handled incorrectly.\n\nCVE-2018-6085\n\n Ned Williamson discovered a use-after-free issue.\n\nCVE-2018-6086\n\n Ned Williamson discovered a use-after-free issue.\n\nCVE-2018-6087\n\n A use-after-free issue was discovered in the WebAssembly implementation.\n\nCVE-2018-6088\n\n A use-after-free issue was discovered in the pdfium library.\n\nCVE-2018-6089\n\n Rob Wu discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6090\n\n ZhanJia Song discovered a heap overflow issue in the skia library.\n\nCVE-2018-6091\n\n Jun Kokatsu discovered that plugins could be handled incorrectly.\n\nCVE-2018-6092\n\n Natalie Silvanovich discovered an integer overflow issue in the\n WebAssembly implementation.\n\nCVE-2018-6093\n\n Jun Kokatsu discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6094\n\n Chris Rohlf discovered a regression in garbage collection hardening.\n\nCVE-2018-6095\n\n Abdulrahman Alqabandi discovered files could be uploaded without user\n interaction.\n\nCVE-2018-6096\n\n WenXu Wu discovered a user interface spoofing issue.\n\nCVE-2018-6097\n\n xisigr discovered a user interface spoofing issue.\n\nCVE-2018-6098\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6099\n\n Jun Kokatsu discovered a way to bypass the Cross Origin Resource\n Sharing mechanism.\n\nCVE-2018-6100\n\n Lnyas Zhang dsicovered a URL spoofing issue.\n\nCVE-2018-6101\n\n Rob Wu discovered an issue in the developer tools remote debugging\n protocol.\n\nCVE-2018-6102\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6103\n\n Khalil Zhani discovered a user interface spoofing issue.\n\nCVE-2018-6104\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6105\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6106\n\n lokihardt discovered that v8 promises could be handled incorrectly.\n\nCVE-2018-6107\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6108\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6109\n\n Dominik Weber discovered a way to misuse the FileAPI feature.\n\nCVE-2018-6110\n\n Wenxiang Qian discovered that local plain text files could be handled\n incorrectly.\n\nCVE-2018-6111\n\n Khalil Zhani discovered a use-after-free issue in the developer tools.\n\nCVE-2018-6112\n\n Khalil Zhani discovered incorrect handling of URLs in the developer\n tools.\n\nCVE-2018-6113\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6114\n\n Lnyas Zhang discovered a way to bypass the Content Security Policy.\n\nCVE-2018-6116\n\n Chengdu Security Response Center discovered an error when memory\n is low.\n\nCVE-2018-6117\n\n Spencer Dailey discovered an error in form autofill settings.\n\nFor the oldstable distribution (jessie), security support for chromium\nhas been discontinued.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 66.0.3359.117-1~deb9u1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFor the detailed security status of chromium-browser please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium-browser\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-28T05:30:48", "type": "debian", "title": "[SECURITY] [DSA 4182-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6056", "CVE-2018-6057", "CVE-2018-6060", "CVE-2018-6061", "CVE-2018-6062", "CVE-2018-6063", "CVE-2018-6064", "CVE-2018-6065", "CVE-2018-6066", "CVE-2018-6067", "CVE-2018-6068", "CVE-2018-6069", "CVE-2018-6070", "CVE-2018-6071", "CVE-2018-6072", "CVE-2018-6073", "CVE-2018-6074", "CVE-2018-6075", "CVE-2018-6076", "CVE-2018-6077", "CVE-2018-6078", "CVE-2018-6079", "CVE-2018-6080", "CVE-2018-6081", "CVE-2018-6082", "CVE-2018-6083", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2018-04-28T05:30:48", "id": "DEBIAN:DSA-4182-1:2D0C5", "href": "https://lists.debian.org/debian-security-announce/2018/msg00108.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-29T22:34:28", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4182-1 security@debian.org\nhttps://www.debian.org/security/ Michael Gilbert\nApril 28, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2018-6056 CVE-2018-6057 CVE-2018-6060 CVE-2018-6061\n CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065\n CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069\n CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073\n CVE-2018-6074 CVE-2018-6075 CVE-2018-6076 CVE-2018-6077\n CVE-2018-6078 CVE-2018-6079 CVE-2018-6080 CVE-2018-6081\n CVE-2018-6082 CVE-2018-6083 CVE-2018-6085 CVE-2018-6086\n CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090\n CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094\n CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098\n CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102\n CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106\n CVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110\n CVE-2018-6111 CVE-2018-6112 CVE-2018-6113 CVE-2018-6114\n CVE-2018-6116 CVE-2018-6117\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-6056\n\n lokihardt discovered an error in the v8 javascript library.\n\nCVE-2018-6057\n\n Gal Beniamini discovered errors related to shared memory permissions.\n\nCVE-2018-6060\n\n Omair discovered a use-after-free issue in blink/webkit.\n\nCVE-2018-6061\n\n Guang Gong discovered a race condition in the v8 javascript library.\n\nCVE-2018-6062\n\n A heap overflow issue was discovered in the v8 javascript library.\n\nCVE-2018-6063\n\n Gal Beniamini discovered errors related to shared memory permissions.\n\nCVE-2018-6064\n\n lokihardt discovered a type confusion error in the v8 javascript\n library.\n\nCVE-2018-6065\n\n Mark Brand discovered an integer overflow issue in the v8 javascript\n library.\n\nCVE-2018-6066\n\n Masato Kinugawa discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6067\n\n Ned Williamson discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6068\n\n Luan Herrera discovered object lifecycle issues.\n\nCVE-2018-6069\n\n Wanglu and Yangkang discovered a stack overflow issue in the skia\n library.\n\nCVE-2018-6070\n\n Rob Wu discovered a way to bypass the Content Security Policy.\n\nCVE-2018-6071\n\n A heap overflow issue was discovered in the skia library.\n\nCVE-2018-6072\n\n Atte Kettunen discovered an integer overflow issue in the pdfium\n library.\n\nCVE-2018-6073\n\n Omair discover a heap overflow issue in the WebGL implementation.\n\nCVE-2018-6074\n\n Abdulrahman Alqabandi discovered a way to cause a downloaded web page\n to not contain a Mark of the Web.\n\nCVE-2018-6075\n\n Inti De Ceukelaire discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6076\n\n Mateusz Krzeszowiec discovered that URL fragment identifiers could be\n handled incorrectly.\n\nCVE-2018-6077\n\n Khalil Zhani discovered a timing issue.\n\nCVE-2018-6078\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6079\n\n Ivars discovered an information disclosure issue.\n\nCVE-2018-6080\n\n Gal Beniamini discovered an information disclosure issue.\n\nCVE-2018-6081\n\n Rob Wu discovered a cross-site scripting issue.\n\nCVE-2018-6082\n\n WenXu Wu discovered a way to bypass blocked ports.\n\nCVE-2018-6083\n\n Jun Kokatsu discovered that AppManifests could be handled incorrectly.\n\nCVE-2018-6085\n\n Ned Williamson discovered a use-after-free issue.\n\nCVE-2018-6086\n\n Ned Williamson discovered a use-after-free issue.\n\nCVE-2018-6087\n\n A use-after-free issue was discovered in the WebAssembly implementation.\n\nCVE-2018-6088\n\n A use-after-free issue was discovered in the pdfium library.\n\nCVE-2018-6089\n\n Rob Wu discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6090\n\n ZhanJia Song discovered a heap overflow issue in the skia library.\n\nCVE-2018-6091\n\n Jun Kokatsu discovered that plugins could be handled incorrectly.\n\nCVE-2018-6092\n\n Natalie Silvanovich discovered an integer overflow issue in the\n WebAssembly implementation.\n\nCVE-2018-6093\n\n Jun Kokatsu discovered a way to bypass the Same Origin Policy.\n\nCVE-2018-6094\n\n Chris Rohlf discovered a regression in garbage collection hardening.\n\nCVE-2018-6095\n\n Abdulrahman Alqabandi discovered files could be uploaded without user\n interaction.\n\nCVE-2018-6096\n\n WenXu Wu discovered a user interface spoofing issue.\n\nCVE-2018-6097\n\n xisigr discovered a user interface spoofing issue.\n\nCVE-2018-6098\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6099\n\n Jun Kokatsu discovered a way to bypass the Cross Origin Resource\n Sharing mechanism.\n\nCVE-2018-6100\n\n Lnyas Zhang dsicovered a URL spoofing issue.\n\nCVE-2018-6101\n\n Rob Wu discovered an issue in the developer tools remote debugging\n protocol.\n\nCVE-2018-6102\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6103\n\n Khalil Zhani discovered a user interface spoofing issue.\n\nCVE-2018-6104\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6105\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6106\n\n lokihardt discovered that v8 promises could be handled incorrectly.\n\nCVE-2018-6107\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6108\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6109\n\n Dominik Weber discovered a way to misuse the FileAPI feature.\n\nCVE-2018-6110\n\n Wenxiang Qian discovered that local plain text files could be handled\n incorrectly.\n\nCVE-2018-6111\n\n Khalil Zhani discovered a use-after-free issue in the developer tools.\n\nCVE-2018-6112\n\n Khalil Zhani discovered incorrect handling of URLs in the developer\n tools.\n\nCVE-2018-6113\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6114\n\n Lnyas Zhang discovered a way to bypass the Content Security Policy.\n\nCVE-2018-6116\n\n Chengdu Security Response Center discovered an error when memory\n is low.\n\nCVE-2018-6117\n\n Spencer Dailey discovered an error in form autofill settings.\n\nFor the oldstable distribution (jessie), security support for chromium\nhas been discontinued.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 66.0.3359.117-1~deb9u1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFor the detailed security status of chromium-browser please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium-browser\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-04-28T05:30:48", "type": "debian", "title": "[SECURITY] [DSA 4182-1] chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6056", "CVE-2018-6057", "CVE-2018-6060", "CVE-2018-6061", "CVE-2018-6062", "CVE-2018-6063", "CVE-2018-6064", "CVE-2018-6065", "CVE-2018-6066", "CVE-2018-6067", "CVE-2018-6068", "CVE-2018-6069", "CVE-2018-6070", "CVE-2018-6071", "CVE-2018-6072", "CVE-2018-6073", "CVE-2018-6074", "CVE-2018-6075", "CVE-2018-6076", "CVE-2018-6077", "CVE-2018-6078", "CVE-2018-6079", "CVE-2018-6080", "CVE-2018-6081", "CVE-2018-6082", "CVE-2018-6083", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6116", "CVE-2018-6117"], "modified": "2018-04-28T05:30:48", "id": "DEBIAN:DSA-4182-1:617C4", "href": "https://lists.debian.org/debian-security-announce/2018/msg00108.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Chromium-browser 67.0.3396.62 fixes security issues: Multiple flaws were found in the way Chromium 64.0.3282.140 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. (CVE-2017-11215, CVE-2017-11225, CVE-2018-6056, CVE-2018-6057, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6068, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083, CVE-2018-6084, CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112, CVE-2018-6113, CVE-2018-6114, CVE-2018-6115, CVE-2018-6116, CVE-2018-6117, CVE-2018-6118, CVE-2018-6120, CVE-2018-6121, CVE-2018-6122, CVE-2018-6123, CVE-2018-6124, CVE-2018-6126, CVE-2018-6127, CVE-2018-6128, CVE-2018-6129, CVE-2018-6130, CVE-2018-6131, CVE-2018-6132, CVE-2018-6133, CVE-2018-6134, CVE-2018-6135, CVE-2018-6136, CVE-2018-6137, CVE-2018-6138, CVE-2018-6139, CVE-2018-6140, CVE-2018-6141, CVE-2018-6142, CVE-2018-6143, CVE-2018-6144, CVE-2018-6145, CVE-2018-6147) \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-04T15:11:47", "type": "mageia", "title": "Updated chromium-browser-stable packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11215", "CVE-2017-11225", "CVE-2018-6056", "CVE-2018-6057", "CVE-2018-6060", "CVE-2018-6061", "CVE-2018-6062", "CVE-2018-6063", "CVE-2018-6064", "CVE-2018-6065", "CVE-2018-6066", "CVE-2018-6067", "CVE-2018-6068", "CVE-2018-6069", "CVE-2018-6070", "CVE-2018-6071", "CVE-2018-6072", "CVE-2018-6073", "CVE-2018-6074", "CVE-2018-6075", "CVE-2018-6076", "CVE-2018-6077", "CVE-2018-6078", "CVE-2018-6079", "CVE-2018-6080", "CVE-2018-6081", "CVE-2018-6082", "CVE-2018-6083", "CVE-2018-6084", "CVE-2018-6085", "CVE-2018-6086", "CVE-2018-6087", "CVE-2018-6088", "CVE-2018-6089", "CVE-2018-6090", "CVE-2018-6091", "CVE-2018-6092", "CVE-2018-6093", "CVE-2018-6094", "CVE-2018-6095", "CVE-2018-6096", "CVE-2018-6097", "CVE-2018-6098", "CVE-2018-6099", "CVE-2018-6100", "CVE-2018-6101", "CVE-2018-6102", "CVE-2018-6103", "CVE-2018-6104", "CVE-2018-6105", "CVE-2018-6106", "CVE-2018-6107", "CVE-2018-6108", "CVE-2018-6109", "CVE-2018-6110", "CVE-2018-6111", "CVE-2018-6112", "CVE-2018-6113", "CVE-2018-6114", "CVE-2018-6115", "CVE-2018-6116", "CVE-2018-6117", "CVE-2018-6118", "CVE-2018-6120", "CVE-2018-6121", "CVE-2018-6122", "CVE-2018-6123", "CVE-2018-6124", "CVE-2018-6126", "CVE-2018-6127", "CVE-2018-6128", "CVE-2018-6129", "CVE-2018-6130", "CVE-2018-6131", "CVE-2018-6132", "CVE-2018-6133", "CVE-2018-6134", "CVE-2018-6135", "CVE-2018-6136", "CVE-2018-6137", "CVE-2018-6138", "CVE-2018-6139", "CVE-2018-6140", "CVE-2018-6141", "CVE-2018-6142", "CVE-2018-6143", "CVE-2018-6144", "CVE-2018-6145", "CVE-2018-6147"], "modified": "2018-06-04T15:11:47", "id": "MGASA-2018-0268", "href": "https://advisories.mageia.org/MGASA-2018-0268.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
