{"id": "RHSA-2018:1825", "hash": "b46fa2966fdfe75040b518a44c3280b3", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:1825) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-06-11T15:58:02", "modified": "2018-06-13T01:25:25", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://access.redhat.com/errata/RHSA-2018:1825", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-6148"], "lastseen": "2019-08-13T18:45:32", "history": [{"bulletin": {"id": "RHSA-2018:1825", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:1825) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-06-11T15:58:02", "modified": "2018-06-11T15:59:30", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://access.redhat.com/errata/RHSA-2018:1825", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-6148"], "lastseen": "2018-06-11T15:53:02", "history": [], "viewCount": 12, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2018-06-11T15:53:02"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}]}, "lastseen": "2018-06-11T15:53:02", "differentElements": ["modified"], "edition": 1}, {"bulletin": {"id": "RHSA-2018:1825", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:1825) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-06-11T15:58:02", "modified": "2018-06-12T01:11:16", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://access.redhat.com/errata/RHSA-2018:1825", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-6148"], "lastseen": "2018-06-11T21:38:46", "history": [], "viewCount": 36, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2018-06-11T21:38:46"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}]}, "lastseen": "2018-06-11T21:38:46", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "RHSA-2018:1825", "hash": "50f8d5d8f200c4f38b122d2343292aa2", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:1825) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-06-11T15:58:02", "modified": "2018-06-13T01:25:25", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://access.redhat.com/errata/RHSA-2018:1825", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-6148"], "lastseen": "2018-06-13T00:00:15", "history": [], "viewCount": 38, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2018-06-13T00:00:15"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}]}, "lastseen": "2018-06-13T00:00:15", "differentElements": ["affectedPackage"], "edition": 3}, {"bulletin": {"id": "RHSA-2018:1825", "hash": "6fbe250efd7142ad86096bf032c6a258", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:1825) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-06-11T15:58:02", "modified": "2018-06-13T01:25:25", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://access.redhat.com/errata/RHSA-2018:1825", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-6148"], "lastseen": "2018-12-11T19:43:24", "history": [], "viewCount": 38, "enchantments": {"score": {"value": 4.0, "vector": "NONE", "modified": "2018-12-11T19:43:24"}, "dependencies": {"references": [{"type": "nessus", "idList": ["OPENSUSE-2018-687.NASL", "REDHAT-RHSA-2018-1825.NASL", "FREEBSD_PKG_4CB49A236C8911E88B33E8E0B747A45A.NASL", "FEDORA_2018-09B59B0227.NASL", "FEDORA_2018-7C80AAEF26.NASL", "OPENSUSE-2018-759.NASL", "DEBIAN_DSA-4237.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813517", "OPENVAS:1361412562310813515", "OPENVAS:1361412562310813516", "OPENVAS:1361412562310874678", "OPENVAS:1361412562310851821", "OPENVAS:1361412562310874714", "OPENVAS:1361412562310704237"]}, {"type": "thn", "idList": ["THN:DF29659E5A248495936A65E622F049FC"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1859-1", "OPENSUSE-SU-2018:2054-1", "OPENSUSE-SU-2018:2055-1"]}, {"type": "freebsd", "idList": ["4CB49A23-6C89-11E8-8B33-E8E0B747A45A"]}, {"type": "kaspersky", "idList": ["KLA11260"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4237-1:5AD61"]}], "modified": "2018-12-11T19:43:24"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}]}, "lastseen": "2018-12-11T19:43:24", "differentElements": ["cvss"], "edition": 4}, {"bulletin": {"id": "RHSA-2018:1825", "hash": "ef08627da9ed01dc60a1046f96e6192c", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:1825) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-06-11T15:58:02", "modified": "2018-06-13T01:25:25", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://access.redhat.com/errata/RHSA-2018:1825", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-6148"], "lastseen": "2019-07-03T09:43:31", "history": [], "viewCount": 39, "enchantments": {"score": {"value": 5.1, "vector": "NONE", "modified": "2019-07-03T09:43:31"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-6148"]}, {"type": "nessus", "idList": ["OPENSUSE-2018-687.NASL", "REDHAT-RHSA-2018-1825.NASL", "FREEBSD_PKG_4CB49A236C8911E88B33E8E0B747A45A.NASL", "FEDORA_2018-09B59B0227.NASL", "FEDORA_2018-7C80AAEF26.NASL", "OPENSUSE-2018-759.NASL", "DEBIAN_DSA-4237.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813517", "OPENVAS:1361412562310813515", "OPENVAS:1361412562310813516", "OPENVAS:1361412562310874714", "OPENVAS:1361412562310851821", "OPENVAS:1361412562310874678", "OPENVAS:1361412562310704237"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1859-1", "OPENSUSE-SU-2018:2055-1", "OPENSUSE-SU-2018:2054-1"]}, {"type": "thn", "idList": ["THN:DF29659E5A248495936A65E622F049FC"]}, {"type": "kaspersky", "idList": ["KLA11260"]}, {"type": "freebsd", "idList": ["4CB49A23-6C89-11E8-8B33-E8E0B747A45A"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4237-1:5AD61"]}], "modified": "2019-07-03T09:43:31"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}]}, "lastseen": "2019-07-03T09:43:31", "differentElements": ["affectedPackage"], "edition": 5}], "viewCount": 39, "enchantments": {"score": {"value": 5.1, "vector": "NONE", "modified": "2019-08-13T18:45:32", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-6148"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813516", "OPENVAS:1361412562310874714", "OPENVAS:1361412562310813517", "OPENVAS:1361412562310813515", "OPENVAS:1361412562310874678", "OPENVAS:1361412562310704237", "OPENVAS:1361412562310851821"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_4CB49A236C8911E88B33E8E0B747A45A.NASL", "OPENSUSE-2019-548.NASL", "FEDORA_2018-7C80AAEF26.NASL", "DEBIAN_DSA-4237.NASL", "OPENSUSE-2018-759.NASL", "OPENSUSE-2018-687.NASL", "REDHAT-RHSA-2018-1825.NASL", "FEDORA_2018-09B59B0227.NASL"]}, {"type": "kaspersky", "idList": ["KLA11260"]}, {"type": "freebsd", "idList": ["4CB49A23-6C89-11E8-8B33-E8E0B747A45A"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1859-1", "OPENSUSE-SU-2018:2054-1", "OPENSUSE-SU-2018:2055-1"]}, {"type": "thn", "idList": ["THN:DF29659E5A248495936A65E622F049FC"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4237-1:5AD61"]}], "modified": "2019-08-13T18:45:32", "rev": 2}, "vulnersScore": 5.1}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageVersion": "67.0.3396.79-1.el6_9", "packageFilename": "chromium-browser-debuginfo-67.0.3396.79-1.el6_9.x86_64.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2020-05-08T13:18:15", "bulletinFamily": "NVD", "description": "Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", "modified": "2019-07-02T13:57:00", "id": "CVE-2018-6148", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6148", "published": "2019-06-27T17:15:00", "title": "CVE-2018-6148", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-07-19T21:54:15", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2018-06-07T00:00:00", "id": "OPENVAS:1361412562310813517", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813517", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-MAC OS X", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-MAC OS X\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813517\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2018-6148\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-06-07 11:05:17 +0530 (Thu, 07 Jun 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to incorrect handling of\n CSP header.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an\n attacker to perform cross-site scripting, clickjacking and other types of code\n injection attacks.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 67.0.3396.79 on MAC OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 67.0.3396.79 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"67.0.3396.79\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"67.0.3396.79\");\n security_message(data:report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-07-19T21:53:54", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2018-06-07T00:00:00", "id": "OPENVAS:1361412562310813515", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813515", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-Windows", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-Windows\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813515\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2018-6148\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-06-07 11:05:17 +0530 (Thu, 07 Jun 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to Incorrect handling of\n CSP header.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an\n attacker to perform cross-site scripting, clickjacking and other types of code\n injection attacks.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 67.0.3396.79 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 67.0.3396.79 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"67.0.3396.79\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"67.0.3396.79\");\n security_message(data:report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-07-19T21:53:54", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2018-06-07T00:00:00", "id": "OPENVAS:1361412562310813516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813516", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-Linux", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-Linux\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813516\");\n script_version(\"2019-07-17T08:15:16+0000\");\n script_cve_id(\"CVE-2018-6148\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 08:15:16 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-06-07 11:05:17 +0530 (Thu, 07 Jun 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-06)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to incorrect handling of\n CSP header.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an\n attacker to perform cross-site scripting, clickjacking and other types of code\n injection attacks.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version\n prior to 67.0.3396.79 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version\n 67.0.3396.79 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!chr_ver = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:chr_ver, test_version:\"67.0.3396.79\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"67.0.3396.79\");\n security_message(data:report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-31T17:35:37", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-07-26T00:00:00", "id": "OPENVAS:1361412562310851821", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851821", "title": "openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:2055-1)", "type": "openvas", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851821\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-26 06:00:59 +0200 (Thu, 26 Jul 2018)\");\n script_cve_id(\"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\",\n \"CVE-2018-6127\", \"CVE-2018-6128\", \"CVE-2018-6129\", \"CVE-2018-6130\",\n \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\",\n \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6138\",\n \"CVE-2018-6139\", \"CVE-2018-6140\", \"CVE-2018-6141\", \"CVE-2018-6142\",\n \"CVE-2018-6143\", \"CVE-2018-6144\", \"CVE-2018-6145\", \"CVE-2018-6147\",\n \"CVE-2018-6148\", \"CVE-2018-6149\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:2055-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Chromium'\n package(s) announced via the referenced advisory.\");\n\nscript_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for Chromium to version 67.0.3396.99 fixes multiple issues.\n\n Security issues fixed (bsc#1095163):\n\n - CVE-2018-6123: Use after free in Blink\n\n - CVE-2018-6124: Type confusion in Blink\n\n - CVE-2018-6125: Overly permissive policy in WebUSB\n\n - CVE-2018-6126: Heap buffer overflow in Skia\n\n - CVE-2018-6127: Use after free in indexedDB\n\n - CVE-2018-6129: Out of bounds memory access in WebRTC\n\n - CVE-2018-6130: Out of bounds memory access in WebRTC\n\n - CVE-2018-6131: Incorrect mutability protection in WebAssembly\n\n - CVE-2018-6132: Use of uninitialized memory in WebRTC\n\n - CVE-2018-6133: URL spoof in Omnibox\n\n - CVE-2018-6134: Referrer Policy bypass in Blink\n\n - CVE-2018-6135: UI spoofing in Blink\n\n - CVE-2018-6136: Out of bounds memory access in V8\n\n - CVE-2018-6137: Leak of visited status of page in Blink\n\n - CVE-2018-6138: Overly permissive policy in Extensions\n\n - CVE-2018-6139: Restrictions bypass in the debugger extension API\n\n - CVE-2018-6140: Restrictions bypass in the debugger extension API\n\n - CVE-2018-6141: Heap buffer overflow in Skia\n\n - CVE-2018-6142: Out of bounds memory access in V8\n\n - CVE-2018-6143: Out of bounds memory access in V8\n\n - CVE-2018-6144: Out of bounds memory access in PDFium\n\n - CVE-2018-6145: Incorrect escaping of MathML in Blink\n\n - CVE-2018-6147: Password fields not taking advantage of OS protections in\n Views\n\n - CVE-2018-6148: Incorrect handling of CSP header (boo#1096508)\n\n - CVE-2018-6149: Out of bounds write in V8 (boo#1097452)\n\n The following tracked packaging changes are included:\n\n - Require ffmpeg = 4.0 (boo#1095545)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-759=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-759=1\");\n\n script_tag(name:\"affected\", value:\"Chromium on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2055-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-07/msg00032.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~67.0.3396.99~161.4\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~67.0.3396.99~161.4\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~67.0.3396.99~161.4\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~67.0.3396.99~161.4\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~67.0.3396.99~161.4\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:00", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-06-21T00:00:00", "id": "OPENVAS:1361412562310874714", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874714", "title": "Fedora Update for chromium FEDORA-2018-09b59b0227", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_09b59b0227_chromium_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for chromium FEDORA-2018-09b59b0227\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874714\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-21 06:19:31 +0200 (Thu, 21 Jun 2018)\");\n script_cve_id(\"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\", \"CVE-2018-6127\", \"CVE-2018-6128\", \"CVE-2018-6129\", \"CVE-2018-6130\", \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\", \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6148\", \"CVE-2018-6147\", \"CVE-2018-6145\", \"CVE-2018-6144\", \"CVE-2018-6143\", \"CVE-2018-6142\", \"CVE-2018-6141\", \"CVE-2018-6140\", \"CVE-2018-6139\", \"CVE-2018-6138\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2018-09b59b0227\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-09b59b0227\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FIVPSE5MN6YAGKYNI4VQQ5QIKJ4ZMYZ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~67.0.3396.79~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:56", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-06-15T00:00:00", "id": "OPENVAS:1361412562310874678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874678", "title": "Fedora Update for chromium FEDORA-2018-7c80aaef26", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_7c80aaef26_chromium_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for chromium FEDORA-2018-7c80aaef26\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874678\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-15 05:59:24 +0200 (Fri, 15 Jun 2018)\");\n script_cve_id(\"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\",\n \"CVE-2018-6127\", \"CVE-2018-6128\", \"CVE-2018-6129\", \"CVE-2018-6130\",\n \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\",\n \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6148\",\n \"CVE-2018-6147\", \"CVE-2018-6145\", \"CVE-2018-6144\", \"CVE-2018-6143\",\n \"CVE-2018-6142\", \"CVE-2018-6141\", \"CVE-2018-6140\", \"CVE-2018-6139\",\n \"CVE-2018-6138\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for chromium FEDORA-2018-7c80aaef26\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"chromium on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-7c80aaef26\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDQLVQB572536ED7VKYFV62WTSNYGL75\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~67.0.3396.79~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-04T18:55:57", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-6118\nNed Williamson discovered a use-after-free issue.\n\nCVE-2018-6120\nZhou Aiting discovered a buffer overflow issue in the pdfium library.\n\nCVE-2018-6121\nIt was discovered that malicious extensions could escalate privileges.\n\nCVE-2018-6122\nA type confusion issue was discovered in the v8 javascript library.\n\nCVE-2018-6123\nLooben Yang discovered a use-after-free issue.\n\nCVE-2018-6124\nGuang Gong discovered a type confusion issue.\n\nCVE-2018-6125\nYubico discovered that the WebUSB implementation was too permissive.\n\nCVE-2018-6126\nIvan Fratric discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6127\nLooben Yang discovered a use-after-free issue.\n\nCVE-2018-6129\nNatalie Silvanovich discovered an out-of-bounds read issue in WebRTC.\n\nCVE-2018-6130\nNatalie Silvanovich discovered an out-of-bounds read issue in WebRTC.\n\nCVE-2018-6131\nNatalie Silvanovich discovered an error in WebAssembly.\n\nCVE-2018-6132\nRonald E. Crane discovered an uninitialized memory issue.\n\nCVE-2018-6133\nKhalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6134\nJun Kokatsu discovered a way to bypass the Referrer Policy.\n\nCVE-2018-6135\nJasper Rebane discovered a user interface spoofing issue.\n\nCVE-2018-6136\nPeter Wong discovered an out-of-bounds read issue in the v8 javascript\nlibrary.\n\nCVE-2018-6137\nMichael Smith discovered an information leak.\n\nCVE-2018-6138\nFran\u00e7ois Lajeunesse-Robert discovered that the extensions policy was\ntoo permissive.\n\nCVE-2018-6139\nRob Wu discovered a way to bypass restrictions in the debugger extension.\n\nCVE-2018-6140\nRob Wu discovered a way to bypass restrictions in the debugger extension.\n\nCVE-2018-6141\nYangkang discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6142\nChoongwoo Han discovered an out-of-bounds read in the v8 javascript\nlibrary.\n\nCVE-2018-6143\nGuang Gong discovered an out-of-bounds read in the v8 javascript library.\n\nCVE-2018-6144\npdknsk discovered an out-of-bounds read in the pdfium library.\n\nCVE-2018-6145\nMasato Kinugawa discovered an error in the MathML implementation.\n\nCVE-2018-6147\nMichail Pishchagin discovered an error in password entry fields.\n\nCVE-2018-6148\nMicha? Bentkowski discovered that the Content Security Policy header\nwas handled incorrectly.\n\nCVE-2018-6149\nYu Zhou and Jundong Xie discovered an out-of-bounds write issue in the\nv8 javascript library.", "modified": "2019-07-04T00:00:00", "published": "2018-06-30T00:00:00", "id": "OPENVAS:1361412562310704237", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704237", "title": "Debian Security Advisory DSA 4237-1 (chromium-browser - security update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4237-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704237\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-6118\", \"CVE-2018-6120\", \"CVE-2018-6121\", \"CVE-2018-6122\", \"CVE-2018-6123\",\n \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\", \"CVE-2018-6127\", \"CVE-2018-6129\",\n \"CVE-2018-6130\", \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\",\n \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6138\", \"CVE-2018-6139\",\n \"CVE-2018-6140\", \"CVE-2018-6141\", \"CVE-2018-6142\", \"CVE-2018-6143\", \"CVE-2018-6144\",\n \"CVE-2018-6145\", \"CVE-2018-6147\", \"CVE-2018-6148\", \"CVE-2018-6149\");\n script_name(\"Debian Security Advisory DSA 4237-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-06-30 00:00:00 +0200 (Sat, 30 Jun 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4237.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 67.0.3396.87-1~deb9u1.\n\nWe recommend that you upgrade your chromium-browser packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/chromium-browser\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-6118\nNed Williamson discovered a use-after-free issue.\n\nCVE-2018-6120\nZhou Aiting discovered a buffer overflow issue in the pdfium library.\n\nCVE-2018-6121\nIt was discovered that malicious extensions could escalate privileges.\n\nCVE-2018-6122\nA type confusion issue was discovered in the v8 javascript library.\n\nCVE-2018-6123\nLooben Yang discovered a use-after-free issue.\n\nCVE-2018-6124\nGuang Gong discovered a type confusion issue.\n\nCVE-2018-6125\nYubico discovered that the WebUSB implementation was too permissive.\n\nCVE-2018-6126\nIvan Fratric discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6127\nLooben Yang discovered a use-after-free issue.\n\nCVE-2018-6129\nNatalie Silvanovich discovered an out-of-bounds read issue in WebRTC.\n\nCVE-2018-6130\nNatalie Silvanovich discovered an out-of-bounds read issue in WebRTC.\n\nCVE-2018-6131\nNatalie Silvanovich discovered an error in WebAssembly.\n\nCVE-2018-6132\nRonald E. Crane discovered an uninitialized memory issue.\n\nCVE-2018-6133\nKhalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6134\nJun Kokatsu discovered a way to bypass the Referrer Policy.\n\nCVE-2018-6135\nJasper Rebane discovered a user interface spoofing issue.\n\nCVE-2018-6136\nPeter Wong discovered an out-of-bounds read issue in the v8 javascript\nlibrary.\n\nCVE-2018-6137\nMichael Smith discovered an information leak.\n\nCVE-2018-6138\nFran\u00e7ois Lajeunesse-Robert discovered that the extensions policy was\ntoo permissive.\n\nCVE-2018-6139\nRob Wu discovered a way to bypass restrictions in the debugger extension.\n\nCVE-2018-6140\nRob Wu discovered a way to bypass restrictions in the debugger extension.\n\nCVE-2018-6141\nYangkang discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6142\nChoongwoo Han discovered an out-of-bounds read in the v8 javascript\nlibrary.\n\nCVE-2018-6143\nGuang Gong discovered an out-of-bounds read in the v8 javascript library.\n\nCVE-2018-6144\npdknsk discovered an out-of-bounds read in the pdfium library.\n\nCVE-2018-6145\nMasato Kinugawa discovered an error in the MathML implementation.\n\nCVE-2018-6147\nMichail Pishchagin discovered an error in password entry fields.\n\nCVE-2018-6148\nMicha? Bentkowski discovered that the Content Security Policy header\nwas handled incorrectly.\n\nCVE-2018-6149\nYu Zhou and Jundong Xie discovered an out-of-bounds write issue in the\nv8 javascript library.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"chromedriver\", ver:\"67.0.3396.87-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium\", ver:\"67.0.3396.87-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-driver\", ver:\"67.0.3396.87-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"67.0.3396.87-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-shell\", ver:\"67.0.3396.87-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-widevine\", ver:\"67.0.3396.87-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-05-01T01:34:09", "bulletinFamily": "scanner", "description": "This update for Opera 54.0.2952.41 fixes multiple issues.\n\n - CVE-2018-6148: Incorrect handling of CSP header\n (boo#1096508)\n\nThis update to version 54.0.2952.41 also contains all security and bug\nfixes in this upstream version, including all fixes in the chromium\nengine.", "modified": "2020-05-02T00:00:00", "id": "OPENSUSE-2018-687.NASL", "href": "https://www.tenable.com/plugins/nessus/110832", "published": "2018-07-02T00:00:00", "title": "openSUSE Security Update : Opera (openSUSE-2018-687)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-687.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110832);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/07/03 12:01:42\");\n\n script_cve_id(\"CVE-2018-6148\");\n\n script_name(english:\"openSUSE Security Update : Opera (openSUSE-2018-687)\");\n script_summary(english:\"Check for the openSUSE-2018-687 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for Opera 54.0.2952.41 fixes multiple issues.\n\n - CVE-2018-6148: Incorrect handling of CSP header\n (boo#1096508)\n\nThis update to version 54.0.2952.41 also contains all security and bug\nfixes in this upstream version, including all fixes in the chromium\nengine.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1096508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1099568\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected Opera package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"opera-54.0.2952.41-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"opera-54.0.2952.41-68.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opera\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-01T02:14:34", "bulletinFamily": "scanner", "description": "An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es) :\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.", "modified": "2020-05-02T00:00:00", "id": "REDHAT-RHSA-2018-1825.NASL", "href": "https://www.tenable.com/plugins/nessus/110468", "published": "2018-06-12T00:00:00", "title": "RHEL 6 : chromium-browser (RHSA-2018:1825)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1825. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110468);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-6148\");\n script_xref(name:\"RHSA\", value:\"2018:1825\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2018:1825)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 67.0.3396.79.\n\nSecurity Fix(es) :\n\n* chromium-browser: Incorrect handling of CSP header (CVE-2018-6148)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:1825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-6148\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:1825\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-67.0.3396.79-1.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-67.0.3396.79-1.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-67.0.3396.79-1.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-67.0.3396.79-1.el6_9\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-01T00:19:06", "bulletinFamily": "scanner", "description": "Google Chrome Releases reports :\n\n1 security fix contributed by external researchers :\n\n- [845961] High CVE-2018-6148: Incorrect handling of CSP header.\nReported by Michal Bentkowski on 2018-05-23", "modified": "2020-05-02T00:00:00", "id": "FREEBSD_PKG_4CB49A236C8911E88B33E8E0B747A45A.NASL", "href": "https://www.tenable.com/plugins/nessus/110429", "published": "2018-06-11T00:00:00", "title": "FreeBSD : chromium -- Incorrect handling of CSP header (4cb49a23-6c89-11e8-8b33-e8e0b747a45a)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110429);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/07/03 12:01:40\");\n\n script_cve_id(\"CVE-2018-6148\");\n\n script_name(english:\"FreeBSD : chromium -- Incorrect handling of CSP header (4cb49a23-6c89-11e8-8b33-e8e0b747a45a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Google Chrome Releases reports :\n\n1 security fix contributed by external researchers :\n\n- [845961] High CVE-2018-6148: Incorrect handling of CSP header.\nReported by Michal Bentkowski on 2018-05-23\"\n );\n # https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e9dbd17\"\n );\n # https://vuxml.freebsd.org/freebsd/4cb49a23-6c89-11e8-8b33-e8e0b747a45a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?68e2c24b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<67.0.3396.79\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-05-03T02:24:31", "bulletinFamily": "scanner", "description": "Update to Chromium 67. Security fix for CVE-2018-6123 CVE-2018-6124\nCVE-2018-6125 CVE-2018-6126 CVE-2018-6127 CVE-2018-6128 CVE-2018-6129\nCVE-2018-6130 CVE-2018-6131 CVE-2018-6132 CVE-2018-6133 CVE-2018-6134\nCVE-2018-6135 CVE-2018-6136 CVE-2018-6137 CVE-2018-6148\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "modified": "2020-05-02T00:00:00", "id": "FEDORA_2018-09B59B0227.NASL", "href": "https://www.tenable.com/plugins/nessus/110625", "published": "2018-06-21T00:00:00", "title": "Fedora 27 : chromium (2018-09b59b0227)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-09b59b0227.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110625);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/25 17:12:10\");\n\n script_cve_id(\"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\", \"CVE-2018-6127\", \"CVE-2018-6128\", \"CVE-2018-6129\", \"CVE-2018-6130\", \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\", \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6138\", \"CVE-2018-6139\", \"CVE-2018-6140\", \"CVE-2018-6141\", \"CVE-2018-6142\", \"CVE-2018-6143\", \"CVE-2018-6144\", \"CVE-2018-6145\", \"CVE-2018-6147\", \"CVE-2018-6148\");\n script_xref(name:\"FEDORA\", value:\"2018-09b59b0227\");\n\n script_name(english:\"Fedora 27 : chromium (2018-09b59b0227)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Chromium 67. Security fix for CVE-2018-6123 CVE-2018-6124\nCVE-2018-6125 CVE-2018-6126 CVE-2018-6127 CVE-2018-6128 CVE-2018-6129\nCVE-2018-6130 CVE-2018-6131 CVE-2018-6132 CVE-2018-6133 CVE-2018-6134\nCVE-2018-6135 CVE-2018-6136 CVE-2018-6137 CVE-2018-6148\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-09b59b0227\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"chromium-67.0.3396.79-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T23:39:08", "bulletinFamily": "scanner", "description": "Update to Chromium 67. Security fix for CVE-2018-6123 CVE-2018-6124\nCVE-2018-6125 CVE-2018-6126 CVE-2018-6127 CVE-2018-6128 CVE-2018-6129\nCVE-2018-6130 CVE-2018-6131 CVE-2018-6132 CVE-2018-6133 CVE-2018-6134\nCVE-2018-6135 CVE-2018-6136 CVE-2018-6137 CVE-2018-6148\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "modified": "2019-01-03T00:00:00", "id": "FEDORA_2018-7C80AAEF26.NASL", "href": "https://www.tenable.com/plugins/nessus/120558", "published": "2019-01-03T00:00:00", "title": "Fedora 28 : chromium (2018-7c80aaef26)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-7c80aaef26.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120558);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/10\");\n\n script_cve_id(\"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\", \"CVE-2018-6127\", \"CVE-2018-6128\", \"CVE-2018-6129\", \"CVE-2018-6130\", \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\", \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6138\", \"CVE-2018-6139\", \"CVE-2018-6140\", \"CVE-2018-6141\", \"CVE-2018-6142\", \"CVE-2018-6143\", \"CVE-2018-6144\", \"CVE-2018-6145\", \"CVE-2018-6147\", \"CVE-2018-6148\");\n script_xref(name:\"FEDORA\", value:\"2018-7c80aaef26\");\n\n script_name(english:\"Fedora 28 : chromium (2018-7c80aaef26)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to Chromium 67. Security fix for CVE-2018-6123 CVE-2018-6124\nCVE-2018-6125 CVE-2018-6126 CVE-2018-6127 CVE-2018-6128 CVE-2018-6129\nCVE-2018-6130 CVE-2018-6131 CVE-2018-6132 CVE-2018-6133 CVE-2018-6134\nCVE-2018-6135 CVE-2018-6136 CVE-2018-6137 CVE-2018-6148\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-7c80aaef26\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-6140\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"chromium-67.0.3396.79-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-01T01:51:13", "bulletinFamily": "scanner", "description": "This update for Chromium to version 67.0.3396.99 fixes multiple\nissues.\n\nSecurity issues fixed (bsc#1095163) :\n\n - CVE-2018-6123: Use after free in Blink\n\n - CVE-2018-6124: Type confusion in Blink\n\n - CVE-2018-6125: Overly permissive policy in WebUSB\n\n - CVE-2018-6126: Heap buffer overflow in Skia\n\n - CVE-2018-6127: Use after free in indexedDB\n\n - CVE-2018-6129: Out of bounds memory access in WebRTC\n\n - CVE-2018-6130: Out of bounds memory access in WebRTC\n\n - CVE-2018-6131: Incorrect mutability protection in\n WebAssembly\n\n - CVE-2018-6132: Use of uninitialized memory in WebRTC\n\n - CVE-2018-6133: URL spoof in Omnibox\n\n - CVE-2018-6134: Referrer Policy bypass in Blink\n\n - CVE-2018-6135: UI spoofing in Blink\n\n - CVE-2018-6136: Out of bounds memory access in V8\n\n - CVE-2018-6137: Leak of visited status of page in Blink\n\n - CVE-2018-6138: Overly permissive policy in Extensions\n\n - CVE-2018-6139: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6140: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6141: Heap buffer overflow in Skia\n\n - CVE-2018-6142: Out of bounds memory access in V8\n\n - CVE-2018-6143: Out of bounds memory access in V8\n\n - CVE-2018-6144: Out of bounds memory access in PDFium\n\n - CVE-2018-6145: Incorrect escaping of MathML in Blink\n\n - CVE-2018-6147: Password fields not taking advantage of\n OS protections in Views\n\n - CVE-2018-6148: Incorrect handling of CSP header\n (boo#1096508)\n\n - CVE-2018-6149: Out of bounds write in V8 (boo#1097452)\n\nThe following tracked packaging changes are included :\n\n - Require ffmpeg >= 4.0 (boo#1095545)", "modified": "2020-05-02T00:00:00", "id": "OPENSUSE-2019-548.NASL", "href": "https://www.tenable.com/plugins/nessus/123234", "published": "2019-03-27T00:00:00", "title": "openSUSE Security Update : Chromium (openSUSE-2019-548)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-548.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123234);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\", \"CVE-2018-6127\", \"CVE-2018-6128\", \"CVE-2018-6129\", \"CVE-2018-6130\", \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\", \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6138\", \"CVE-2018-6139\", \"CVE-2018-6140\", \"CVE-2018-6141\", \"CVE-2018-6142\", \"CVE-2018-6143\", \"CVE-2018-6144\", \"CVE-2018-6145\", \"CVE-2018-6147\", \"CVE-2018-6148\", \"CVE-2018-6149\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2019-548)\");\n script_summary(english:\"Check for the openSUSE-2019-548 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for Chromium to version 67.0.3396.99 fixes multiple\nissues.\n\nSecurity issues fixed (bsc#1095163) :\n\n - CVE-2018-6123: Use after free in Blink\n\n - CVE-2018-6124: Type confusion in Blink\n\n - CVE-2018-6125: Overly permissive policy in WebUSB\n\n - CVE-2018-6126: Heap buffer overflow in Skia\n\n - CVE-2018-6127: Use after free in indexedDB\n\n - CVE-2018-6129: Out of bounds memory access in WebRTC\n\n - CVE-2018-6130: Out of bounds memory access in WebRTC\n\n - CVE-2018-6131: Incorrect mutability protection in\n WebAssembly\n\n - CVE-2018-6132: Use of uninitialized memory in WebRTC\n\n - CVE-2018-6133: URL spoof in Omnibox\n\n - CVE-2018-6134: Referrer Policy bypass in Blink\n\n - CVE-2018-6135: UI spoofing in Blink\n\n - CVE-2018-6136: Out of bounds memory access in V8\n\n - CVE-2018-6137: Leak of visited status of page in Blink\n\n - CVE-2018-6138: Overly permissive policy in Extensions\n\n - CVE-2018-6139: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6140: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6141: Heap buffer overflow in Skia\n\n - CVE-2018-6142: Out of bounds memory access in V8\n\n - CVE-2018-6143: Out of bounds memory access in V8\n\n - CVE-2018-6144: Out of bounds memory access in PDFium\n\n - CVE-2018-6145: Incorrect escaping of MathML in Blink\n\n - CVE-2018-6147: Password fields not taking advantage of\n OS protections in Views\n\n - CVE-2018-6148: Incorrect handling of CSP header\n (boo#1096508)\n\n - CVE-2018-6149: Out of bounds write in V8 (boo#1097452)\n\nThe following tracked packaging changes are included :\n\n - Require ffmpeg >= 4.0 (boo#1095545)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1070421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1096508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097452\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-6140\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-debuginfo-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debuginfo-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debugsource-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-debuginfo-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debuginfo-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debugsource-67.0.3396.99-161.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-01T01:34:25", "bulletinFamily": "scanner", "description": "This update for Chromium to version 67.0.3396.99 fixes multiple\nissues.\n\nSecurity issues fixed (bsc#1095163) :\n\n - CVE-2018-6123: Use after free in Blink\n\n - CVE-2018-6124: Type confusion in Blink\n\n - CVE-2018-6125: Overly permissive policy in WebUSB\n\n - CVE-2018-6126: Heap buffer overflow in Skia\n\n - CVE-2018-6127: Use after free in indexedDB\n\n - CVE-2018-6129: Out of bounds memory access in WebRTC\n\n - CVE-2018-6130: Out of bounds memory access in WebRTC\n\n - CVE-2018-6131: Incorrect mutability protection in\n WebAssembly\n\n - CVE-2018-6132: Use of uninitialized memory in WebRTC\n\n - CVE-2018-6133: URL spoof in Omnibox\n\n - CVE-2018-6134: Referrer Policy bypass in Blink\n\n - CVE-2018-6135: UI spoofing in Blink\n\n - CVE-2018-6136: Out of bounds memory access in V8\n\n - CVE-2018-6137: Leak of visited status of page in Blink\n\n - CVE-2018-6138: Overly permissive policy in Extensions\n\n - CVE-2018-6139: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6140: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6141: Heap buffer overflow in Skia\n\n - CVE-2018-6142: Out of bounds memory access in V8\n\n - CVE-2018-6143: Out of bounds memory access in V8\n\n - CVE-2018-6144: Out of bounds memory access in PDFium\n\n - CVE-2018-6145: Incorrect escaping of MathML in Blink\n\n - CVE-2018-6147: Password fields not taking advantage of\n OS protections in Views\n\n - CVE-2018-6148: Incorrect handling of CSP header\n (boo#1096508)\n\n - CVE-2018-6149: Out of bounds write in V8 (boo#1097452)\n\nThe following tracked packaging changes are included :\n\n - Require ffmpeg >= 4.0 (boo#1095545)", "modified": "2020-05-02T00:00:00", "id": "OPENSUSE-2018-759.NASL", "href": "https://www.tenable.com/plugins/nessus/111345", "published": "2018-07-26T00:00:00", "title": "openSUSE Security Update : Chromium (openSUSE-2018-759)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-759.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111345);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/04/05 23:25:08\");\n\n script_cve_id(\"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\", \"CVE-2018-6127\", \"CVE-2018-6128\", \"CVE-2018-6129\", \"CVE-2018-6130\", \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\", \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6138\", \"CVE-2018-6139\", \"CVE-2018-6140\", \"CVE-2018-6141\", \"CVE-2018-6142\", \"CVE-2018-6143\", \"CVE-2018-6144\", \"CVE-2018-6145\", \"CVE-2018-6147\", \"CVE-2018-6148\", \"CVE-2018-6149\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2018-759)\");\n script_summary(english:\"Check for the openSUSE-2018-759 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for Chromium to version 67.0.3396.99 fixes multiple\nissues.\n\nSecurity issues fixed (bsc#1095163) :\n\n - CVE-2018-6123: Use after free in Blink\n\n - CVE-2018-6124: Type confusion in Blink\n\n - CVE-2018-6125: Overly permissive policy in WebUSB\n\n - CVE-2018-6126: Heap buffer overflow in Skia\n\n - CVE-2018-6127: Use after free in indexedDB\n\n - CVE-2018-6129: Out of bounds memory access in WebRTC\n\n - CVE-2018-6130: Out of bounds memory access in WebRTC\n\n - CVE-2018-6131: Incorrect mutability protection in\n WebAssembly\n\n - CVE-2018-6132: Use of uninitialized memory in WebRTC\n\n - CVE-2018-6133: URL spoof in Omnibox\n\n - CVE-2018-6134: Referrer Policy bypass in Blink\n\n - CVE-2018-6135: UI spoofing in Blink\n\n - CVE-2018-6136: Out of bounds memory access in V8\n\n - CVE-2018-6137: Leak of visited status of page in Blink\n\n - CVE-2018-6138: Overly permissive policy in Extensions\n\n - CVE-2018-6139: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6140: Restrictions bypass in the debugger\n extension API\n\n - CVE-2018-6141: Heap buffer overflow in Skia\n\n - CVE-2018-6142: Out of bounds memory access in V8\n\n - CVE-2018-6143: Out of bounds memory access in V8\n\n - CVE-2018-6144: Out of bounds memory access in PDFium\n\n - CVE-2018-6145: Incorrect escaping of MathML in Blink\n\n - CVE-2018-6147: Password fields not taking advantage of\n OS protections in Views\n\n - CVE-2018-6148: Incorrect handling of CSP header\n (boo#1096508)\n\n - CVE-2018-6149: Out of bounds write in V8 (boo#1097452)\n\nThe following tracked packaging changes are included :\n\n - Require ffmpeg >= 4.0 (boo#1095545)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1070421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1096508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097452\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-debuginfo-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debuginfo-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debugsource-67.0.3396.99-lp150.2.3.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-debuginfo-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debuginfo-67.0.3396.99-161.4\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debugsource-67.0.3396.99-161.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-03T02:04:17", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2018-6118\n Ned Williamson discovered a use-after-free issue.\n\n - CVE-2018-6120\n Zhou Aiting discovered a buffer overflow issue in the\n pdfium library.\n\n - CVE-2018-6121\n It was discovered that malicious extensions could\n escalate privileges.\n\n - CVE-2018-6122\n A type confusion issue was discovered in the v8\n JavaScript library.\n\n - CVE-2018-6123\n Looben Yang discovered a use-after-free issue.\n\n - CVE-2018-6124\n Guang Gong discovered a type confusion issue.\n\n - CVE-2018-6125\n Yubico discovered that the WebUSB implementation was too\n permissive.\n\n - CVE-2018-6126\n Ivan Fratric discovered a buffer overflow issue in the\n skia library.\n\n - CVE-2018-6127\n Looben Yang discovered a use-after-free issue.\n\n - CVE-2018-6129\n Natalie Silvanovich discovered an out-of-bounds read\n issue in WebRTC.\n\n - CVE-2018-6130\n Natalie Silvanovich discovered an out-of-bounds read\n issue in WebRTC.\n\n - CVE-2018-6131\n Natalie Silvanovich discovered an error in WebAssembly.\n\n - CVE-2018-6132\n Ronald E. Crane discovered an uninitialized memory\n issue.\n\n - CVE-2018-6133\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6134\n Jun Kokatsu discovered a way to bypass the Referrer\n Policy.\n\n - CVE-2018-6135\n Jasper Rebane discovered a user interface spoofing\n issue.\n\n - CVE-2018-6136\n Peter Wong discovered an out-of-bounds read issue in the\n v8 JavaScript library.\n\n - CVE-2018-6137\n Michael Smith discovered an information leak.\n\n - CVE-2018-6138\n Francois Lajeunesse-Robert discovered that the\n extensions policy was too permissive.\n\n - CVE-2018-6139\n Rob Wu discovered a way to bypass restrictions in the\n debugger extension.\n\n - CVE-2018-6140\n Rob Wu discovered a way to bypass restrictions in the\n debugger extension.\n\n - CVE-2018-6141\n Yangkang discovered a buffer overflow issue in the skia\n library.\n\n - CVE-2018-6142\n Choongwoo Han discovered an out-of-bounds read in the v8\n JavaScript library.\n\n - CVE-2018-6143\n Guang Gong discovered an out-of-bounds read in the v8\n JavaScript library.\n\n - CVE-2018-6144\n pdknsk discovered an out-of-bounds read in the pdfium\n library.\n\n - CVE-2018-6145\n Masato Kinugawa discovered an error in the MathML\n implementation.\n\n - CVE-2018-6147\n Michail Pishchagin discovered an error in password entry\n fields.\n\n - CVE-2018-6148\n Michal Bentkowski discovered that the Content Security\n Policy header was handled incorrectly.\n\n - CVE-2018-6149\n Yu Zhou and Jundong Xie discovered an out-of-bounds\n write issue in the v8 JavaScript library.", "modified": "2020-05-02T00:00:00", "id": "DEBIAN_DSA-4237.NASL", "href": "https://www.tenable.com/plugins/nessus/110820", "published": "2018-07-02T00:00:00", "title": "Debian DSA-4237-1 : chromium-browser - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4237. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110820);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/07/15 14:20:30\");\n\n script_cve_id(\"CVE-2018-6118\", \"CVE-2018-6120\", \"CVE-2018-6121\", \"CVE-2018-6122\", \"CVE-2018-6123\", \"CVE-2018-6124\", \"CVE-2018-6125\", \"CVE-2018-6126\", \"CVE-2018-6127\", \"CVE-2018-6129\", \"CVE-2018-6130\", \"CVE-2018-6131\", \"CVE-2018-6132\", \"CVE-2018-6133\", \"CVE-2018-6134\", \"CVE-2018-6135\", \"CVE-2018-6136\", \"CVE-2018-6137\", \"CVE-2018-6138\", \"CVE-2018-6139\", \"CVE-2018-6140\", \"CVE-2018-6141\", \"CVE-2018-6142\", \"CVE-2018-6143\", \"CVE-2018-6144\", \"CVE-2018-6145\", \"CVE-2018-6147\", \"CVE-2018-6148\", \"CVE-2018-6149\");\n script_xref(name:\"DSA\", value:\"4237\");\n\n script_name(english:\"Debian DSA-4237-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2018-6118\n Ned Williamson discovered a use-after-free issue.\n\n - CVE-2018-6120\n Zhou Aiting discovered a buffer overflow issue in the\n pdfium library.\n\n - CVE-2018-6121\n It was discovered that malicious extensions could\n escalate privileges.\n\n - CVE-2018-6122\n A type confusion issue was discovered in the v8\n JavaScript library.\n\n - CVE-2018-6123\n Looben Yang discovered a use-after-free issue.\n\n - CVE-2018-6124\n Guang Gong discovered a type confusion issue.\n\n - CVE-2018-6125\n Yubico discovered that the WebUSB implementation was too\n permissive.\n\n - CVE-2018-6126\n Ivan Fratric discovered a buffer overflow issue in the\n skia library.\n\n - CVE-2018-6127\n Looben Yang discovered a use-after-free issue.\n\n - CVE-2018-6129\n Natalie Silvanovich discovered an out-of-bounds read\n issue in WebRTC.\n\n - CVE-2018-6130\n Natalie Silvanovich discovered an out-of-bounds read\n issue in WebRTC.\n\n - CVE-2018-6131\n Natalie Silvanovich discovered an error in WebAssembly.\n\n - CVE-2018-6132\n Ronald E. Crane discovered an uninitialized memory\n issue.\n\n - CVE-2018-6133\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-6134\n Jun Kokatsu discovered a way to bypass the Referrer\n Policy.\n\n - CVE-2018-6135\n Jasper Rebane discovered a user interface spoofing\n issue.\n\n - CVE-2018-6136\n Peter Wong discovered an out-of-bounds read issue in the\n v8 JavaScript library.\n\n - CVE-2018-6137\n Michael Smith discovered an information leak.\n\n - CVE-2018-6138\n Francois Lajeunesse-Robert discovered that the\n extensions policy was too permissive.\n\n - CVE-2018-6139\n Rob Wu discovered a way to bypass restrictions in the\n debugger extension.\n\n - CVE-2018-6140\n Rob Wu discovered a way to bypass restrictions in the\n debugger extension.\n\n - CVE-2018-6141\n Yangkang discovered a buffer overflow issue in the skia\n library.\n\n - CVE-2018-6142\n Choongwoo Han discovered an out-of-bounds read in the v8\n JavaScript library.\n\n - CVE-2018-6143\n Guang Gong discovered an out-of-bounds read in the v8\n JavaScript library.\n\n - CVE-2018-6144\n pdknsk discovered an out-of-bounds read in the pdfium\n library.\n\n - CVE-2018-6145\n Masato Kinugawa discovered an error in the MathML\n implementation.\n\n - CVE-2018-6147\n Michail Pishchagin discovered an error in password entry\n fields.\n\n - CVE-2018-6148\n Michal Bentkowski discovered that the Content Security\n Policy header was handled incorrectly.\n\n - CVE-2018-6149\n Yu Zhou and Jundong Xie discovered an out-of-bounds\n write issue in the v8 JavaScript library.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6124\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6130\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6144\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6148\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-6149\"\n );\n # https://security-tracker.debian.org/tracker/source-package/chromium-browser\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e33901a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4237\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 67.0.3396.87-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"chromedriver\", reference:\"67.0.3396.87-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium\", reference:\"67.0.3396.87-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-driver\", reference:\"67.0.3396.87-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-l10n\", reference:\"67.0.3396.87-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-shell\", reference:\"67.0.3396.87-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-widevine\", reference:\"67.0.3396.87-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2018-06-30T17:24:39", "bulletinFamily": "unix", "description": "This update for Opera 54.0.2952.41 fixes multiple issues.\n\n - CVE-2018-6148: Incorrect handling of CSP header (boo#1096508)\n\n This update to version 54.0.2952.41 also contains all security and bug\n fixes in this upstream version, including all fixes in the chromium engine.\n\n", "modified": "2018-06-30T15:08:12", "published": "2018-06-30T15:08:12", "id": "OPENSUSE-SU-2018:1859-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-06/msg00054.html", "title": "Security update for Opera (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-07-25T17:46:30", "bulletinFamily": "unix", "description": "This update for Chromium to version 67.0.3396.99 fixes multiple issues.\n\n Security issues fixed (bsc#1095163):\n\n - CVE-2018-6123: Use after free in Blink\n - CVE-2018-6124: Type confusion in Blink\n - CVE-2018-6125: Overly permissive policy in WebUSB\n - CVE-2018-6126: Heap buffer overflow in Skia\n - CVE-2018-6127: Use after free in indexedDB\n - CVE-2018-6129: Out of bounds memory access in WebRTC\n - CVE-2018-6130: Out of bounds memory access in WebRTC\n - CVE-2018-6131: Incorrect mutability protection in WebAssembly\n - CVE-2018-6132: Use of uninitialized memory in WebRTC\n - CVE-2018-6133: URL spoof in Omnibox\n - CVE-2018-6134: Referrer Policy bypass in Blink\n - CVE-2018-6135: UI spoofing in Blink\n - CVE-2018-6136: Out of bounds memory access in V8\n - CVE-2018-6137: Leak of visited status of page in Blink\n - CVE-2018-6138: Overly permissive policy in Extensions\n - CVE-2018-6139: Restrictions bypass in the debugger extension API\n - CVE-2018-6140: Restrictions bypass in the debugger extension API\n - CVE-2018-6141: Heap buffer overflow in Skia\n - CVE-2018-6142: Out of bounds memory access in V8\n - CVE-2018-6143: Out of bounds memory access in V8\n - CVE-2018-6144: Out of bounds memory access in PDFium\n - CVE-2018-6145: Incorrect escaping of MathML in Blink\n - CVE-2018-6147: Password fields not taking advantage of OS protections in\n Views\n - CVE-2018-6148: Incorrect handling of CSP header (boo#1096508)\n - CVE-2018-6149: Out of bounds write in V8 (boo#1097452)\n\n The following tracked packaging changes are included:\n\n - Require ffmpeg &gt;= 4.0 (boo#1095545)\n\n", "modified": "2018-07-25T15:08:23", "published": "2018-07-25T15:08:23", "id": "OPENSUSE-SU-2018:2054-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00031.html", "title": "Security update for Chromium (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-07-25T17:46:30", "bulletinFamily": "unix", "description": "This update for Chromium to version 67.0.3396.99 fixes multiple issues.\n\n Security issues fixed (bsc#1095163):\n\n - CVE-2018-6123: Use after free in Blink\n - CVE-2018-6124: Type confusion in Blink\n - CVE-2018-6125: Overly permissive policy in WebUSB\n - CVE-2018-6126: Heap buffer overflow in Skia\n - CVE-2018-6127: Use after free in indexedDB\n - CVE-2018-6129: Out of bounds memory access in WebRTC\n - CVE-2018-6130: Out of bounds memory access in WebRTC\n - CVE-2018-6131: Incorrect mutability protection in WebAssembly\n - CVE-2018-6132: Use of uninitialized memory in WebRTC\n - CVE-2018-6133: URL spoof in Omnibox\n - CVE-2018-6134: Referrer Policy bypass in Blink\n - CVE-2018-6135: UI spoofing in Blink\n - CVE-2018-6136: Out of bounds memory access in V8\n - CVE-2018-6137: Leak of visited status of page in Blink\n - CVE-2018-6138: Overly permissive policy in Extensions\n - CVE-2018-6139: Restrictions bypass in the debugger extension API\n - CVE-2018-6140: Restrictions bypass in the debugger extension API\n - CVE-2018-6141: Heap buffer overflow in Skia\n - CVE-2018-6142: Out of bounds memory access in V8\n - CVE-2018-6143: Out of bounds memory access in V8\n - CVE-2018-6144: Out of bounds memory access in PDFium\n - CVE-2018-6145: Incorrect escaping of MathML in Blink\n - CVE-2018-6147: Password fields not taking advantage of OS protections in\n Views\n - CVE-2018-6148: Incorrect handling of CSP header (boo#1096508)\n - CVE-2018-6149: Out of bounds write in V8 (boo#1097452)\n\n The following tracked packaging changes are included:\n\n - Require ffmpeg &gt;= 4.0 (boo#1095545)\n\n", "modified": "2018-07-25T15:09:58", "published": "2018-07-25T15:09:58", "id": "OPENSUSE-SU-2018:2055-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00032.html", "title": "Security update for Chromium (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "thn": [{"lastseen": "2018-06-06T21:22:03", "bulletinFamily": "info", "description": "[](<https://1.bp.blogspot.com/--lIt9iTPy4o/Wxg1M-uQeuI/AAAAAAAAw-A/RvTj4osV3-kvO4FW9iiCF4hXg718EgdhACLcBGAs/s728-e100/google-chrome-update.png>)\n\nYou must update your Google Chrome now. \n \nSecurity researcher Micha\u0142 Bentkowski discovered and reported a high severity vulnerability in Google Chrome in late May, affecting the web browsing software for all major operating systems including Windows, Mac, and Linux. \n \nWithout revealing any technical detail about the vulnerability, the Chrome security team described the issue as incorrect handling of CSP header (**CVE-2018-6148**) in a [blog post](<https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html>) published today. \n\n\n> \"Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed,\" the Chrome security team notes.\n\nContent Security Policy (CSP) header allows website administrators to add an extra layer of security on a given web page by allowing them to control resources the browser is allowed to load. \n\n\n \nMishandling of CSP headers by your web browser could re-enable attackers to perform cross-site scripting, clickjacking and other types of code injection attacks on any targeted web pages. \n \nThe patch for the vulnerability has already been rolled out to its users in a stable Chrome update 67.0.3396.79 for Windows, Mac, and Linux operating system, which users may have already receive or will receive over the coming days/weeks. \n \nSo, make sure your system is running the updated version of Chrome web browser. We'll update the article, as soon as Google releases further update. \n \nFirefox has also released its new version of the Firefox web browser, [version 60.0.2](<https://www.mozilla.org/en-US/firefox/60.0.2/releasenotes/>), which includes security and bug fixes. So, users of the stable version of Firefox are also recommended to update their browser.\n", "modified": "2018-06-06T19:27:19", "published": "2018-06-06T19:27:00", "id": "THN:DF29659E5A248495936A65E622F049FC", "href": "https://thehackernews.com/2018/06/google-chrome-csp.html", "type": "thn", "title": "Update Google Chrome Immediately to Patch a High Severity Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2019-02-11T20:22:27", "bulletinFamily": "info", "description": "### *Detect date*:\n06/06/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nA vulnerability related to CSP header handling was found in Google Chrome. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited remotely via a specially designed website.\n\n### *Affected products*:\nGoogle Chrome earlier than 67.0.3396.79\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Download Google Chrome](<Download Google Chrome>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html>) \n\n\n### *Impacts*:\nSB \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2018-6148](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6148>)", "modified": "2018-12-04T00:00:00", "published": "2018-06-06T00:00:00", "id": "KLA11260", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11260", "title": "\r KLA11260SB vulnerability in Google Chrome ", "type": "kaspersky", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2019-07-03T12:42:19", "bulletinFamily": "unix", "description": "\nGoogle Chrome Releases reports:\n\n1 security fix contributed by external researchers:\n\n[845961] High CVE-2018-6148: Incorrect handling of CSP header. Reported by Michal Bentkowski on 2018-05-23\n\n\n", "modified": "2018-06-06T00:00:00", "published": "2018-06-06T00:00:00", "id": "4CB49A23-6C89-11E8-8B33-E8E0B747A45A", "href": "https://vuxml.freebsd.org/freebsd/4cb49a23-6c89-11e8-8b33-e8e0b747a45a.html", "title": "chromium -- Incorrect handling of CSP header", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2019-05-30T02:23:01", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4237-1 security@debian.org\nhttps://www.debian.org/security/ Michael Gilbert\nJune 30, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2018-6118 CVE-2018-6120 CVE-2018-6121 CVE-2018-6122\n CVE-2018-6123 CVE-2018-6124 CVE-2018-6125 CVE-2018-6126\n CVE-2018-6127 CVE-2018-6129 CVE-2018-6130 CVE-2018-6131\n CVE-2018-6132 CVE-2018-6133 CVE-2018-6134 CVE-2018-6135\n CVE-2018-6136 CVE-2018-6137 CVE-2018-6138 CVE-2018-6139\n CVE-2018-6140 CVE-2018-6141 CVE-2018-6142 CVE-2018-6143\n CVE-2018-6144 CVE-2018-6145 CVE-2018-6147 CVE-2018-6148\n CVE-2018-6149\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-6118\n\n Ned Williamson discovered a use-after-free issue.\n\nCVE-2018-6120\n\n Zhou Aiting discovered a buffer overflow issue in the pdfium library.\n\nCVE-2018-6121\n\n It was discovered that malicious extensions could escalate privileges.\n\nCVE-2018-6122\n\n A type confusion issue was discovered in the v8 javascript library.\n\nCVE-2018-6123\n\n Looben Yang discovered a use-after-free issue.\n\nCVE-2018-6124\n\n Guang Gong discovered a type confusion issue.\n\nCVE-2018-6125\n\n Yubico discovered that the WebUSB implementation was too permissive.\n\nCVE-2018-6126\n\n Ivan Fratric discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6127\n\n Looben Yang discovered a use-after-free issue.\n\nCVE-2018-6129\n\n Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.\n\nCVE-2018-6130\n\n Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.\n\nCVE-2018-6131\n\n Natalie Silvanovich discovered an error in WebAssembly.\n\nCVE-2018-6132\n\n Ronald E. Crane discovered an uninitialized memory issue.\n\nCVE-2018-6133\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-6134\n\n Jun Kokatsu discovered a way to bypass the Referrer Policy.\n\nCVE-2018-6135\n\n Jasper Rebane discovered a user interface spoofing issue.\n\nCVE-2018-6136\n\n Peter Wong discovered an out-of-bounds read issue in the v8 javascript\n library.\n\nCVE-2018-6137\n\n Michael Smith discovered an information leak.\n\nCVE-2018-6138\n\n Fran\u00e7ois Lajeunesse-Robert discovered that the extensions policy was\n too permissive.\n\nCVE-2018-6139\n\n Rob Wu discovered a way to bypass restrictions in the debugger extension.\n\nCVE-2018-6140\n\n Rob Wu discovered a way to bypass restrictions in the debugger extension.\n\nCVE-2018-6141\n\n Yangkang discovered a buffer overflow issue in the skia library.\n\nCVE-2018-6142\n\n Choongwoo Han discovered an out-of-bounds read in the v8 javascript\n library.\n\nCVE-2018-6143\n\n Guang Gong discovered an out-of-bounds read in the v8 javascript library.\n\nCVE-2018-6144\n\n pdknsk discovered an out-of-bounds read in the pdfium library.\n\nCVE-2018-6145\n\n Masato Kinugawa discovered an error in the MathML implementation.\n\nCVE-2018-6147\n\n Michail Pishchagin discovered an error in password entry fields.\n\nCVE-2018-6148\n\n Micha\u0142 Bentkowski discovered that the Content Security Policy header\n was handled incorrectly.\n\nCVE-2018-6149\n\n Yu Zhou and Jundong Xie discovered an out-of-bounds write issue in the\n v8 javascript library.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 67.0.3396.87-1~deb9u1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFor the detailed security status of chromium-browser please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium-browser\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2018-07-01T01:01:06", "published": "2018-07-01T01:01:06", "id": "DEBIAN:DSA-4237-1:5AD61", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00166.html", "title": "[SECURITY] [DSA 4237-1] chromium-browser security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}