Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD8E986B2B-1BAA-11E8-A944-54EE754AF08E
HistoryAug 09, 2017 - 12:00 a.m.

chromium -- multiple vulnerabilities

2017-08-0900:00:00
vuxml.freebsd.org
6

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.4%

JSON

Google Chrome Releases reports:

Several security fixes in this release, including:

[780450] High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01
[787103] High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20
[793620] High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09
[784183] Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12
[797500] Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
[797500] Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
[753645] Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on
2017-08-09
[774174] Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12
[775527] Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17
[778658] Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent’s Xuanwu Lab on 2017-10-26
[760342] Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29
[773930] Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12
[785809] Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16
[797497] Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
[798163] Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31
[799847] Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08
[763194] Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08
[771848] Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@aaspring) on 2017-10-05
[774438] Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent’s Xuanwu Lab on 2017-10-13
[774842] Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15
[441275] Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11
[615608] Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28
[758169] Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23
[797511] Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium< 64.0.3282.119UNKNOWN

Related

suse 4
nessus 23
kaspersky 2
debian 2
chrome 2
openvas 17
redhat 2
gentoo 2
osv 2
fedora 9
threatpost 1
debiancve 24
prion 24
redhatcve 24
ubuntucve 24
cve 24
myhack58 1
archlinux 1
freebsd 1
suse
suse
Security update for chromium (important)
2018-01-31 18:08:20
Security update for chromium (important)
2018-01-28 18:07:37
Security update for chromium (important)
2017-12-08 12:15:33
nessus
nessus
openSUSE Security Update : chromium (openSUSE-2018-103)
2018-01-29 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (8e986b2b-1baa-11e8-a944-54ee754af08e)
2018-02-28 00:00:00
Debian DSA-4103-1 : chromium-browser - security update
2018-02-01 00:00:00
kaspersky
kaspersky
KLA11185 Multiple vulnerabilities in Google Chrome
2018-01-24 00:00:00
KLA11152 Multiple vulnerabilities in Google Chrome
2017-12-07 00:00:00
debian
debian
[SECURITY] [DSA 4103-1] chromium-browser security update
2018-02-01 02:59:02
[SECURITY] [DSA 4064-1] chromium-browser security update
2017-12-12 11:04:40
chrome
chrome
Stable Channel Update for Desktop
2018-01-24 00:00:00
Stable Channel Update for Desktop
2017-12-06 00:00:00
openvas
openvas
openSUSE: Security Advisory for chromium (openSUSE-SU-2018:0259-1)
2018-01-29 00:00:00
Google Chrome Security Updates (stable-channel-update-for-desktop_24-2018-01) - Windows
2018-01-25 00:00:00
Google Chrome Security Updates (stable-channel-update-for-desktop_24-2018-01) - Mac OS X
2018-01-25 00:00:00
redhat
redhat
(RHSA-2018:0265) Important: chromium-browser security update
2018-02-01 15:56:48
(RHSA-2017:3401) Critical: chromium-browser security update
2017-12-07 19:20:02
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2018-02-19 00:00:00
Chromium, Google Chrome: Multiple vulnerabilities
2018-01-07 00:00:00
osv
osv
chromium-browser - security update
2018-01-31 00:00:00
chromium-browser - security update
2017-12-12 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: qt5-qtwebengine-5.10.1-1.fc27
2018-02-25 21:14:12
[SECURITY] Fedora 26 Update: qt5-qtwebengine-5.10.1-1.fc26
2018-02-27 16:58:43
[SECURITY] Fedora 27 Update: qt5-qtwebengine-5.10.1-4.fc27
2018-03-25 21:49:26
threatpost
threatpost
Firefox, Chrome Patch Vulnerabilities, Add Security Features
2018-01-25 13:51:58
debiancve
debiancve
CVE-2018-6043
2018-09-25 14:29:00
CVE-2018-6032
2018-09-25 14:29:00
CVE-2017-15420
2018-08-28 19:29:00
prion
prion
Design/Logic Flaw
2018-09-25 14:29:00
Code injection
2018-09-25 14:29:00
Input validation
2018-09-25 14:29:00
redhatcve
redhatcve
CVE-2018-6049
2018-01-25 09:21:58
CVE-2017-15420
2017-12-07 10:24:06
CVE-2018-6041
2018-01-25 09:21:17
ubuntucve
ubuntucve
CVE-2018-6043
2018-09-25 00:00:00
CVE-2018-6047
2018-09-25 00:00:00
CVE-2018-6046
2018-09-25 00:00:00
cve
cve
CVE-2018-6043
2018-09-25 14:29:00
CVE-2018-6049
2018-09-25 14:29:00
CVE-2018-6047
2018-09-25 14:29:00
myhack58
myhack58
360 security browser to fix more Chrome kernel vulnerabilities and plugging the hacking of door-vulnerability warning-the black bar safety net
2018-04-16 00:00:00
archlinux
archlinux
[ASA-201712-5] chromium: multiple issues
2017-12-07 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2017-12-06 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.4%

JSON
Related for 8E986B2B-1BAA-11E8-A944-54EE754AF08E
suse4nessus23kaspersky2debian2chrome2openvas17redhat2gentoo2osv2fedora9threatpost1debiancve24prion24redhatcve24ubuntucve24cve24myhack581archlinux1freebsd1