9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.096 Low
EPSS
Percentile
94.6%
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 68.0.3440.75.
Security Fix(es):
chromium-browser: Stack buffer overflow in Skia (CVE-2018-6153)
chromium-browser: Heap buffer overflow in WebGL (CVE-2018-6154)
chromium-browser: Use after free in WebRTC (CVE-2018-6155)
chromium-browser: Heap buffer overflow in WebRTC (CVE-2018-6156)
chromium-browser: Type confusion in WebRTC (CVE-2018-6157)
chromium-browser: Cross origin information disclosure in Service Workers (CVE-2018-6150)
chromium-browser: Bad cast in DevTools (CVE-2018-6151)
chromium-browser: Local file write in DevTools (CVE-2018-6152)
chromium-browser: Use after free in Blink (CVE-2018-6158)
chromium-browser: Same origin policy bypass in ServiceWorker (CVE-2018-6159)
chromium-browser: Same origin policy bypass in WebAudio (CVE-2018-6161)
chromium-browser: Heap buffer overflow in WebGL (CVE-2018-6162)
chromium-browser: URL spoof in Omnibox (CVE-2018-6163)
chromium-browser: Same origin policy bypass in ServiceWorker (CVE-2018-6164)
chromium-browser: URL spoof in Omnibox (CVE-2018-6165)
chromium-browser: URL spoof in Omnibox (CVE-2018-6166)
chromium-browser: URL spoof in Omnibox (CVE-2018-6167)
chromium-browser: CORS bypass in Blink (CVE-2018-6168)
chromium-browser: Permissions bypass in extension installation (CVE-2018-6169)
chromium-browser: Type confusion in PDFium (CVE-2018-6170)
chromium-browser: Use after free in WebBluetooth (CVE-2018-6171)
chromium-browser: URL spoof in Omnibox (CVE-2018-6172)
chromium-browser: URL spoof in Omnibox (CVE-2018-6173)
chromium-browser: Integer overflow in SwiftShader (CVE-2018-6174)
chromium-browser: URL spoof in Omnibox (CVE-2018-6175)
chromium-browser: Local user privilege escalation in Extensions (CVE-2018-6176)
chromium-browser: Cross origin information leak in Blink (CVE-2018-4117)
chromium-browser: Request privilege escalation in Extensions (CVE-2018-6044)
chromium-browser: Cross origin information leak in Blink (CVE-2018-6177)
chromium-browser: UI spoof in Extensions (CVE-2018-6178)
chromium-browser: Local file information leak in Extensions (CVE-2018-6179)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | chromium-browser-debuginfo | < 68.0.3440.75-1.el6_10 | chromium-browser-debuginfo-68.0.3440.75-1.el6_10.x86_64.rpm |
RedHat | 6 | i686 | chromium-browser-debuginfo | < 68.0.3440.75-1.el6_10 | chromium-browser-debuginfo-68.0.3440.75-1.el6_10.i686.rpm |
RedHat | 6 | x86_64 | chromium-browser | < 68.0.3440.75-1.el6_10 | chromium-browser-68.0.3440.75-1.el6_10.x86_64.rpm |
RedHat | 6 | i686 | chromium-browser | < 68.0.3440.75-1.el6_10 | chromium-browser-68.0.3440.75-1.el6_10.i686.rpm |
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.096 Low
EPSS
Percentile
94.6%