ID RHSA-2018:3004 Type redhat Reporter RedHat Modified 2018-10-25T00:57:50
Description
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 70.0.3538.67.
Security Fix(es):
chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)
chromium-browser: Remote code execution in V8 (CVE-2018-17463)
chromium-browser: URL spoof in Omnibox (CVE-2018-17464)
chromium-browser: Use after free in V8 (CVE-2018-17465)
chromium-browser: Memory corruption in Angle (CVE-2018-17466)
lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)
chromium-browser: URL spoof in Omnibox (CVE-2018-17467)
chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)
chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)
chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)
chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)
chromium-browser: URL spoof in Omnibox (CVE-2018-17473)
chromium-browser: Use after free in Blink (CVE-2018-17474)
chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)
chromium-browser: URL spoof in Omnibox (CVE-2018-17475)
chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)
chromium-browser: UI spoof in Extensions (CVE-2018-17477)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
{"id": "RHSA-2018:3004", "hash": "df61d01b3be15605e6683e658af1ad01", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3004) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es):\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-10-25T00:52:49", "modified": "2018-10-25T00:57:50", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://access.redhat.com/errata/RHSA-2018:3004", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-5179"], "lastseen": "2019-05-29T14:33:39", "history": [{"bulletin": {"id": "RHSA-2018:3004", "hash": "6b1db27c53c848bfd41abe6b7291895f", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3004) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es):\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-10-25T00:52:49", "modified": "2018-10-25T00:57:50", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://access.redhat.com/errata/RHSA-2018:3004", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-5179"], "lastseen": "2018-10-24T22:25:01", "history": [], "viewCount": 108, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-10-24T22:25:01"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-70.0.3538.67-1.el6_10.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-70.0.3538.67-1.el6_10.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-debuginfo-70.0.3538.67-1.el6_10.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-debuginfo-70.0.3538.67-1.el6_10.x86_64.rpm", "operator": "lt"}]}, "lastseen": "2018-10-24T22:25:01", "differentElements": ["cvss"], "edition": 1}, {"bulletin": {"id": "RHSA-2018:3004", "hash": "acd4ae927d247f99350e5e7ee97d055e", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3004) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es):\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-10-25T00:52:49", "modified": "2018-10-25T00:57:50", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2018:3004", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-5179"], "lastseen": "2018-11-06T08:37:56", "history": [], "viewCount": 108, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-11-06T08:37:56"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-70.0.3538.67-1.el6_10.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-70.0.3538.67-1.el6_10.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser-debuginfo", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-debuginfo-70.0.3538.67-1.el6_10.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "arch": "x86_64", "packageName": "chromium-browser-debuginfo", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-debuginfo-70.0.3538.67-1.el6_10.x86_64.rpm", "operator": "lt"}]}, "lastseen": "2018-11-06T08:37:56", "differentElements": ["affectedPackage"], "edition": 2}, {"bulletin": {"id": "RHSA-2018:3004", "hash": "39a6f26d449d1f01a70da6c2e275351f", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3004) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es):\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-10-25T00:52:49", "modified": "2018-10-25T00:57:50", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2018:3004", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-5179"], "lastseen": "2018-12-11T21:41:35", "history": [], "viewCount": 111, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-12-11T21:41:35"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-70.0.3538.67-1.el6_10.i686.rpm", "operator": "lt"}]}, "lastseen": "2018-12-11T21:41:35", "differentElements": ["cvss"], "edition": 3}, {"bulletin": {"id": "RHSA-2018:3004", "hash": "a31a1c77c33f1bb41d994544be6a2747", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3004) Important: chromium-browser security update", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es):\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-10-25T00:52:49", "modified": "2018-10-25T00:57:50", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2018:3004", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-5179"], "lastseen": "2018-12-19T09:56:16", "history": [], "viewCount": 111, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-12-19T09:56:16"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310875299", "OPENVAS:1361412562310876138", "OPENVAS:1361412562310851948", "OPENVAS:1361412562310814096", "OPENVAS:1361412562310704330", "OPENVAS:1361412562310814094", "OPENVAS:1361412562310814095", "OPENVAS:1361412562310851995", "OPENVAS:1361412562310704284", "OPENVAS:1361412562310875139"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2018-3004.NASL", "FEDORA_2018-34F7F68029.NASL", "FEDORA_2018-FD194A1F14.NASL", "OPENSUSE-2018-1253.NASL", "MACOSX_GOOGLE_CHROME_70_0_3538_67.NASL", "OPENSUSE-2018-1208.NASL", "DEBIAN_DSA-4330.NASL", "GOOGLE_CHROME_70_0_3538_67.NASL", "GENTOO_GLSA-201811-10.NASL", "SUSE_SU-2018-3498-1.NASL"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3273-1", "OPENSUSE-SU-2018:3396-1", "OPENSUSE-SU-2018:3835-1", "OPENSUSE-SU-2018:3529-1", "OPENSUSE-SU-2018:4112-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4330-1:C6D67", "DEBIAN:DSA-4284-1:5963D", "DEBIAN:DLA-1496-1:2F059", "DEBIAN:DSA-4354-1:2E2F6", "DEBIAN:DLA-1605-1:758B9"]}, {"type": "kaspersky", "idList": ["KLA11338", "KLA11406"]}, {"type": "threatpost", "idList": ["THREATPOST:2EA02E029D18D4A6E2F53BF8057CCD57"]}, {"type": "cve", "idList": ["CVE-2018-17470", "CVE-2018-17475", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17468", "CVE-2018-17473", "CVE-2018-17471", "CVE-2018-17467", "CVE-2018-16435", "CVE-2018-17476"]}, {"type": "gentoo", "idList": ["GLSA-201811-10"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:AFE5A77EBE4E39A2F02201C20DDD401B"]}, {"type": "ubuntu", "idList": ["USN-3770-1", "USN-3770-2"]}, {"type": "centos", "idList": ["CESA-2018:3833", "CESA-2018:3831", "CESA-2019:0160"]}, {"type": "redhat", "idList": ["RHSA-2018:3833", "RHSA-2019:0160", "RHSA-2018:3831"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3833", "ELSA-2019-0159", "ELSA-2018-3831", "ELSA-2019-0160"]}, {"type": "slackware", "idList": ["SSA-2018-345-01"]}], "modified": "2018-12-19T09:56:16"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-70.0.3538.67-1.el6_10.i686.rpm", "operator": "lt"}]}, "lastseen": "2018-12-19T09:56:16", "differentElements": ["cvss"], "edition": 4}], "viewCount": 111, "enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2019-05-29T14:33:39"}, "dependencies": {"references": [{"type": "nessus", "idList": ["REDHAT-RHSA-2018-3004.NASL", "FEDORA_2018-34F7F68029.NASL", "FEDORA_2018-FD194A1F14.NASL", "MACOSX_GOOGLE_CHROME_70_0_3538_67.NASL", "OPENSUSE-2018-1253.NASL", "GOOGLE_CHROME_70_0_3538_67.NASL", "DEBIAN_DSA-4330.NASL", "OPENSUSE-2018-1208.NASL", "GENTOO_GLSA-201811-10.NASL", "SUSE_SU-2018-3498-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310875299", "OPENVAS:1361412562310876138", "OPENVAS:1361412562310851948", "OPENVAS:1361412562310814096", "OPENVAS:1361412562310814095", "OPENVAS:1361412562310814094", "OPENVAS:1361412562310704330", "OPENVAS:1361412562310851995", "OPENVAS:1361412562310704284", "OPENVAS:1361412562310875106"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3273-1", "OPENSUSE-SU-2018:3396-1", "OPENSUSE-SU-2018:3835-1", "OPENSUSE-SU-2018:3529-1", "OPENSUSE-SU-2018:4112-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4330-1:C6D67", "DEBIAN:DSA-4284-1:5963D", "DEBIAN:DLA-1496-1:2F059", "DEBIAN:DSA-4354-1:2E2F6", "DEBIAN:DLA-1605-1:758B9"]}, {"type": "kaspersky", "idList": ["KLA11338"]}, {"type": "threatpost", "idList": ["THREATPOST:2EA02E029D18D4A6E2F53BF8057CCD57"]}, {"type": "cve", "idList": ["CVE-2018-17471", "CVE-2018-17473", "CVE-2018-17476", "CVE-2018-17464", "CVE-2018-17475", "CVE-2018-17470", "CVE-2018-17468", "CVE-2018-17463", "CVE-2018-17465", "CVE-2018-17462"]}, {"type": "gentoo", "idList": ["GLSA-201811-10"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:AFE5A77EBE4E39A2F02201C20DDD401B"]}, {"type": "ubuntu", "idList": ["USN-3770-1", "USN-3770-2"]}, {"type": "redhat", "idList": ["RHSA-2018:3833", "RHSA-2019:0160", "RHSA-2019:0159"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3833", "ELSA-2018-3831", "ELSA-2019-0160"]}, {"type": "centos", "idList": ["CESA-2018:3833", "CESA-2019:0160", "CESA-2018:3831", "CESA-2019:0159"]}], "modified": "2019-05-29T14:33:39"}, "vulnersScore": 6.9}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "arch": "i686", "packageName": "chromium-browser", "packageVersion": "70.0.3538.67-1.el6_10", "packageFilename": "chromium-browser-70.0.3538.67-1.el6_10.i686.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}
{"nessus": [{"lastseen": "2019-02-21T01:43:26", "bulletinFamily": "scanner", "description": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es) :\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-12-20T00:00:00", "id": "REDHAT-RHSA-2018-3004.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118373", "published": "2018-10-25T00:00:00", "title": "RHEL 6 : chromium-browser (RHSA-2018:3004)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3004. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118373);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/12/20 11:08:46\");\n\n script_cve_id(\"CVE-2018-16435\", \"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n script_xref(name:\"RHSA\", value:\"2018:3004\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2018:3004)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es) :\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading\nto heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink\n(CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals\n(CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode\n(CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker\n(CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode\n(CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:3004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17470\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17474\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-17477\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:3004\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-70.0.3538.67-1.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-70.0.3538.67-1.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-70.0.3538.67-1.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-70.0.3538.67-1.el6_10\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:45:06", "bulletinFamily": "scanner", "description": "Update to chromium 70.0.3538.77. Fixes CVE-2018-16435 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 CVE-2018-17476 CVE-2018-5179 CVE-2018-17477\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2019-01-03T00:00:00", "id": "FEDORA_2018-34F7F68029.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=120342", "published": "2019-01-03T00:00:00", "title": "Fedora 29 : chromium (2018-34f7f68029)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-34f7f68029.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120342);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/01/03 10:25:36\");\n\n script_cve_id(\"CVE-2018-16435\", \"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17472\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n script_xref(name:\"FEDORA\", value:\"2018-34f7f68029\");\n\n script_name(english:\"Fedora 29 : chromium (2018-34f7f68029)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to chromium 70.0.3538.77. Fixes CVE-2018-16435 CVE-2018-17462\nCVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466\nCVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470\nCVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475\nCVE-2018-17476 CVE-2018-5179 CVE-2018-17477\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-34f7f68029\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"chromium-70.0.3538.77-4.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:45:20", "bulletinFamily": "scanner", "description": "Security fix for CVE-2018-17478 CVE-2018-17479. Update to 70.0.3538.110.\n\n----\n\nUpdate to chromium 70.0.3538.77. Fixes CVE-2018-16435 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 CVE-2018-17476 CVE-2018-5179 CVE-2018-17477\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2019-01-03T00:00:00", "id": "FEDORA_2018-FD194A1F14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=120933", "published": "2019-01-03T00:00:00", "title": "Fedora 28 : chromium (2018-fd194a1f14)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-fd194a1f14.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120933);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/01/03 10:25:36\");\n\n script_cve_id(\"CVE-2018-16435\", \"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17472\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-17478\", \"CVE-2018-17479\", \"CVE-2018-5179\");\n script_xref(name:\"FEDORA\", value:\"2018-fd194a1f14\");\n\n script_name(english:\"Fedora 28 : chromium (2018-fd194a1f14)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-17478 CVE-2018-17479. Update to\n70.0.3538.110.\n\n----\n\nUpdate to chromium 70.0.3538.77. Fixes CVE-2018-16435 CVE-2018-17462\nCVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466\nCVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470\nCVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475\nCVE-2018-17476 CVE-2018-5179 CVE-2018-17477\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-fd194a1f14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"chromium-70.0.3538.110-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:43:10", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote macOS host is prior to 70.0.3538.67. It is, therefore, affected by multiple vulnerabilities as noted in Google Chrome stable channel update release notes for 2018/10/16. Please refer to the release notes for additional information. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self- reported version number.", "modified": "2018-11-15T00:00:00", "id": "MACOSX_GOOGLE_CHROME_70_0_3538_67.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118152", "published": "2018-10-16T00:00:00", "title": "Google Chrome < 70.0.3538.67 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118152);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/15 14:41:58\");\n\n script_cve_id(\n \"CVE-2018-5179\",\n \"CVE-2018-17462\",\n \"CVE-2018-17463\",\n \"CVE-2018-17464\",\n \"CVE-2018-17465\",\n \"CVE-2018-17466\",\n \"CVE-2018-17467\",\n \"CVE-2018-17468\",\n \"CVE-2018-17469\",\n \"CVE-2018-17470\",\n \"CVE-2018-17471\",\n \"CVE-2018-17472\",\n \"CVE-2018-17473\",\n \"CVE-2018-17474\",\n \"CVE-2018-17475\",\n \"CVE-2018-17476\",\n \"CVE-2018-17477\"\n );\n\n script_name(english:\"Google Chrome < 70.0.3538.67 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by\nmultiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is\nprior to 70.0.3538.67. It is, therefore, affected by multiple\nvulnerabilities as noted in Google Chrome stable channel update\nrelease notes for 2018/10/16. Please refer to the release notes for\nadditional information. Note that Nessus has not attempted to exploit\nthese issues but has instead relied only on the application's self-\nreported version number.\");\n # https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1c8f5c86\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 70.0.3538.67 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17463\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'70.0.3538.67', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:43:27", "bulletinFamily": "scanner", "description": "This update for Chromium to version 70.0.3538.67 fixes multiple issues.\n\nSecurity issues fixed (bsc#1112111) :\n\n - CVE-2018-17462: Sandbox escape in AppCache\n\n - CVE-2018-17463: Remote code execution in V8\n\n - Heap buffer overflow in Little CMS in PDFium\n\n - CVE-2018-17464: URL spoof in Omnibox\n\n - CVE-2018-17465: Use after free in V8\n\n - CVE-2018-17466: Memory corruption in Angle\n\n - CVE-2018-17467: URL spoof in Omnibox\n\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n\n - CVE-2018-17469: Heap buffer overflow in PDFium\n\n - CVE-2018-17470: Memory corruption in GPU Internals\n\n - CVE-2018-17471: Security UI occlusion in full screen mode\n\n - CVE-2018-17473: URL spoof in Omnibox\n\n - CVE-2018-17474: Use after free in Blink\n\n - CVE-2018-17475: URL spoof in Omnibox\n\n - CVE-2018-17476: Security UI occlusion in full screen mode\n\n - CVE-2018-5179: Lack of limits on update() in ServiceWorker\n\n - CVE-2018-17477: UI spoof in Extensions\n\nVAAPI hardware accelerated rendering is now enabled by default. This update contains the following packaging changes :\n\n - Use the system libusb-1.0 library\n\n - Use bundled harfbuzz library\n\n - Disable gnome-keyring to avoid crashes", "modified": "2018-12-20T00:00:00", "id": "OPENSUSE-2018-1253.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118386", "published": "2018-10-25T00:00:00", "title": "openSUSE Security Update : Chromium (openSUSE-2018-1253)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1253.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118386);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/12/20 11:08:46\");\n\n script_cve_id(\"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17472\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2018-1253)\");\n script_summary(english:\"Check for the openSUSE-2018-1253 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for Chromium to version 70.0.3538.67 fixes multiple\nissues.\n\nSecurity issues fixed (bsc#1112111) :\n\n - CVE-2018-17462: Sandbox escape in AppCache\n\n - CVE-2018-17463: Remote code execution in V8\n\n - Heap buffer overflow in Little CMS in PDFium\n\n - CVE-2018-17464: URL spoof in Omnibox\n\n - CVE-2018-17465: Use after free in V8\n\n - CVE-2018-17466: Memory corruption in Angle\n\n - CVE-2018-17467: URL spoof in Omnibox\n\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n\n - CVE-2018-17469: Heap buffer overflow in PDFium\n\n - CVE-2018-17470: Memory corruption in GPU Internals\n\n - CVE-2018-17471: Security UI occlusion in full screen\n mode\n\n - CVE-2018-17473: URL spoof in Omnibox\n\n - CVE-2018-17474: Use after free in Blink\n\n - CVE-2018-17475: URL spoof in Omnibox\n\n - CVE-2018-17476: Security UI occlusion in full screen\n mode\n\n - CVE-2018-5179: Lack of limits on update() in\n ServiceWorker\n\n - CVE-2018-17477: UI spoof in Extensions\n\nVAAPI hardware accelerated rendering is now enabled by default. This\nupdate contains the following packaging changes :\n\n - Use the system libusb-1.0 library\n\n - Use bundled harfbuzz library\n\n - Disable gnome-keyring to avoid crashes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112111\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-70.0.3538.67-179.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-debuginfo-70.0.3538.67-179.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-70.0.3538.67-179.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debuginfo-70.0.3538.67-179.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debugsource-70.0.3538.67-179.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:43:11", "bulletinFamily": "scanner", "description": "The version of Google Chrome installed on the remote Windows host is prior to 70.0.3538.67. It is, therefore, affected by multiple vulnerabilities as noted in Google Chrome stable channel update release notes for 2018/10/16. Please refer to the release notes for additional information. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self- reported version number.", "modified": "2018-11-15T00:00:00", "id": "GOOGLE_CHROME_70_0_3538_67.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118153", "published": "2018-10-16T00:00:00", "title": "Google Chrome < 70.0.3538.67 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118153);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/15 14:41:58\");\n\n script_cve_id(\n \"CVE-2018-5179\",\n \"CVE-2018-17462\",\n \"CVE-2018-17463\",\n \"CVE-2018-17464\",\n \"CVE-2018-17465\",\n \"CVE-2018-17466\",\n \"CVE-2018-17467\",\n \"CVE-2018-17468\",\n \"CVE-2018-17469\",\n \"CVE-2018-17470\",\n \"CVE-2018-17471\",\n \"CVE-2018-17472\",\n \"CVE-2018-17473\",\n \"CVE-2018-17474\",\n \"CVE-2018-17475\",\n \"CVE-2018-17476\",\n \"CVE-2018-17477\"\n );\n\n script_name(english:\"Google Chrome < 70.0.3538.67 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 70.0.3538.67. It is, therefore, affected by multiple\nvulnerabilities as noted in Google Chrome stable channel update\nrelease notes for 2018/10/16. Please refer to the release notes for\nadditional information. Note that Nessus has not attempted to exploit\nthese issues but has instead relied only on the application's self-\nreported version number.\");\n # https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1c8f5c86\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 70.0.3538.67 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-17463\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'70.0.3538.67', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:43:48", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\n - CVE-2018-5179 Yannic Boneberger discovered an error in the ServiceWorker implementation.\n\n - CVE-2018-17462 Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox.\n\n - CVE-2018-17463 Ned Williamson and Niklas Baumstark discovered a remote code execution issue in the v8 JavaScript library.\n\n - CVE-2018-17464 xisigr discovered a URL spoofing issue.\n\n - CVE-2018-17465 Lin Zuojian discovered a use-after-free issue in the v8 JavaScript library.\n\n - CVE-2018-17466 Omair discovered a memory corruption issue in the angle library.\n\n - CVE-2018-17467 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-17468 Jams Lee discovered an information disclosure issue.\n\n - CVE-2018-17469 Zhen Zhou discovered a buffer overflow issue in the pdfium library.\n\n - CVE-2018-17470 Zhe Jin discovered a memory corruption issue in the GPU backend implementation.\n\n - CVE-2018-17471 Lnyas Zhang discovered an issue with the full screen user interface.\n\n - CVE-2018-17473 Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-17474 Zhe Jin discovered a use-after-free issue.\n\n - CVE-2018-17475 Vladimir Metnew discovered a URL spoofing issue.\n\n - CVE-2018-17476 Khalil Zhani discovered an issue with the full screen user interface.\n\n - CVE-2018-17477 Aaron Muir Hamilton discovered a user interface spoofing issue in the extensions pane.\n\nThis update also fixes a buffer overflow in the embedded lcms library included with chromium.", "modified": "2018-12-20T00:00:00", "id": "DEBIAN_DSA-4330.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118719", "published": "2018-11-05T00:00:00", "title": "Debian DSA-4330-1 : chromium-browser - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4330. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118719);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/12/20 11:08:44\");\n\n script_cve_id(\"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n script_xref(name:\"DSA\", value:\"4330\");\n\n script_name(english:\"Debian DSA-4330-1 : chromium-browser - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2018-5179\n Yannic Boneberger discovered an error in the\n ServiceWorker implementation.\n\n - CVE-2018-17462\n Ned Williamson and Niklas Baumstark discovered a way to\n escape the sandbox.\n\n - CVE-2018-17463\n Ned Williamson and Niklas Baumstark discovered a remote\n code execution issue in the v8 JavaScript library.\n\n - CVE-2018-17464\n xisigr discovered a URL spoofing issue.\n\n - CVE-2018-17465\n Lin Zuojian discovered a use-after-free issue in the v8\n JavaScript library.\n\n - CVE-2018-17466\n Omair discovered a memory corruption issue in the angle\n library.\n\n - CVE-2018-17467\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-17468\n Jams Lee discovered an information disclosure issue.\n\n - CVE-2018-17469\n Zhen Zhou discovered a buffer overflow issue in the\n pdfium library.\n\n - CVE-2018-17470\n Zhe Jin discovered a memory corruption issue in the GPU\n backend implementation.\n\n - CVE-2018-17471\n Lnyas Zhang discovered an issue with the full screen\n user interface.\n\n - CVE-2018-17473\n Khalil Zhani discovered a URL spoofing issue.\n\n - CVE-2018-17474\n Zhe Jin discovered a use-after-free issue.\n\n - CVE-2018-17475\n Vladimir Metnew discovered a URL spoofing issue.\n\n - CVE-2018-17476\n Khalil Zhani discovered an issue with the full screen\n user interface.\n\n - CVE-2018-17477\n Aaron Muir Hamilton discovered a user interface spoofing\n issue in the extensions pane.\n\nThis update also fixes a buffer overflow in the embedded lcms library\nincluded with chromium.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-5179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17469\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17470\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17474\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-17477\"\n );\n # https://security-tracker.debian.org/tracker/source-package/chromium-browser\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e33901a2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/chromium-browser\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4330\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium-browser packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 70.0.3538.67-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"chromedriver\", reference:\"70.0.3538.67-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium\", reference:\"70.0.3538.67-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-driver\", reference:\"70.0.3538.67-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-l10n\", reference:\"70.0.3538.67-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-shell\", reference:\"70.0.3538.67-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-widevine\", reference:\"70.0.3538.67-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:43:22", "bulletinFamily": "scanner", "description": "This update for Chromium to version 70.0.3538.67 fixes multiple issues.\n\nSecurity issues fixed (bsc#1112111) :\n\n - CVE-2018-17462: Sandbox escape in AppCache\n\n - CVE-2018-17463: Remote code execution in V8\n\n - Heap buffer overflow in Little CMS in PDFium\n\n - CVE-2018-17464: URL spoof in Omnibox\n\n - CVE-2018-17465: Use after free in V8\n\n - CVE-2018-17466: Memory corruption in Angle\n\n - CVE-2018-17467: URL spoof in Omnibox\n\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n\n - CVE-2018-17469: Heap buffer overflow in PDFium\n\n - CVE-2018-17470: Memory corruption in GPU Internals\n\n - CVE-2018-17471: Security UI occlusion in full screen mode\n\n - CVE-2018-17473: URL spoof in Omnibox\n\n - CVE-2018-17474: Use after free in Blink\n\n - CVE-2018-17475: URL spoof in Omnibox\n\n - CVE-2018-17476: Security UI occlusion in full screen mode\n\n - CVE-2018-5179: Lack of limits on update() in ServiceWorker\n\n - CVE-2018-17477: UI spoof in Extensions VAAPI hardware accelerated rendering is now enabled by default.\n\nThis update contains the following packaging changes :\n\n - Use the system libusb-1.0 library\n\n - Use bundled harfbuzz library\n\n - Disable gnome-keyring to avoid crashes", "modified": "2018-12-20T00:00:00", "id": "OPENSUSE-2018-1208.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118317", "published": "2018-10-23T00:00:00", "title": "openSUSE Security Update : Chromium (openSUSE-2018-1208)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1208.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118317);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/12/20 11:08:46\");\n\n script_cve_id(\"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17472\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n\n script_name(english:\"openSUSE Security Update : Chromium (openSUSE-2018-1208)\");\n script_summary(english:\"Check for the openSUSE-2018-1208 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for Chromium to version 70.0.3538.67 fixes multiple\nissues.\n\nSecurity issues fixed (bsc#1112111) :\n\n - CVE-2018-17462: Sandbox escape in AppCache\n\n - CVE-2018-17463: Remote code execution in V8\n\n - Heap buffer overflow in Little CMS in PDFium\n\n - CVE-2018-17464: URL spoof in Omnibox\n\n - CVE-2018-17465: Use after free in V8\n\n - CVE-2018-17466: Memory corruption in Angle\n\n - CVE-2018-17467: URL spoof in Omnibox\n\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n\n - CVE-2018-17469: Heap buffer overflow in PDFium\n\n - CVE-2018-17470: Memory corruption in GPU Internals\n\n - CVE-2018-17471: Security UI occlusion in full screen\n mode\n\n - CVE-2018-17473: URL spoof in Omnibox\n\n - CVE-2018-17474: Use after free in Blink\n\n - CVE-2018-17475: URL spoof in Omnibox\n\n - CVE-2018-17476: Security UI occlusion in full screen\n mode\n\n - CVE-2018-5179: Lack of limits on update() in\n ServiceWorker\n\n - CVE-2018-17477: UI spoof in Extensions VAAPI hardware\n accelerated rendering is now enabled by default.\n\nThis update contains the following packaging changes :\n\n - Use the system libusb-1.0 library\n\n - Use bundled harfbuzz library\n\n - Disable gnome-keyring to avoid crashes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112111\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-70.0.3538.67-lp150.2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-debuginfo-70.0.3538.67-lp150.2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-70.0.3538.67-lp150.2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debuginfo-70.0.3538.67-lp150.2.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debugsource-70.0.3538.67-lp150.2.20.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:44:09", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201811-10 (Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrome Releases for details.\n Impact :\n\n A remote attacker could execute arbitrary code, escalate privileges, cause a heap buffer overflow, obtain sensitive information, or spoof a URL.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-12-20T00:00:00", "id": "GENTOO_GLSA-201811-10.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=119130", "published": "2018-11-26T00:00:00", "title": "GLSA-201811-10 : Chromium: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201811-10.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119130);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/12/20 11:08:44\");\n\n script_cve_id(\"CVE-2018-16065\", \"CVE-2018-16066\", \"CVE-2018-16067\", \"CVE-2018-16068\", \"CVE-2018-16069\", \"CVE-2018-16070\", \"CVE-2018-16071\", \"CVE-2018-16072\", \"CVE-2018-16073\", \"CVE-2018-16074\", \"CVE-2018-16075\", \"CVE-2018-16076\", \"CVE-2018-16077\", \"CVE-2018-16078\", \"CVE-2018-16079\", \"CVE-2018-16080\", \"CVE-2018-16081\", \"CVE-2018-16082\", \"CVE-2018-16083\", \"CVE-2018-16084\", \"CVE-2018-16085\", \"CVE-2018-16086\", \"CVE-2018-16087\", \"CVE-2018-16088\", \"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17472\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n script_xref(name:\"GLSA\", value:\"201811-10\");\n\n script_name(english:\"GLSA-201811-10 : Chromium: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201811-10\n(Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google\n Chrome. Please review the referenced CVE identifiers and Google Chrome\n Releases for details.\n \nImpact :\n\n A remote attacker could execute arbitrary code, escalate privileges,\n cause a heap buffer overflow, obtain sensitive information, or spoof a\n URL.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201811-10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-70.0.3538.67'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 70.0.3538.67\"), vulnerable:make_list(\"lt 70.0.3538.67\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:45:02", "bulletinFamily": "scanner", "description": "This update for lcms2 fixes the following issues :\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet function in cmscgats.c, that could lead to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. (bsc#1108813)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2019-01-02T00:00:00", "id": "SUSE_SU-2018-3498-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=120148", "published": "2019-01-02T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : lcms2 (SUSE-SU-2018:3498-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3498-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120148);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/01/02 10:36:38\");\n\n script_cve_id(\"CVE-2018-16435\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : lcms2 (SUSE-SU-2018:3498-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for lcms2 fixes the following issues :\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet\nfunction in cmscgats.c, that could lead to a heap-based buffer\noverflow in the SetData function via a crafted file in the second\nargument to cmsIT8LoadFromFile. (bsc#1108813)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16435/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183498-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b7d41bba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2504=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"lcms2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"lcms2-debugsource-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"liblcms2-2-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"liblcms2-2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"liblcms2-devel-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"lcms2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"lcms2-debugsource-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"liblcms2-2-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"liblcms2-2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"liblcms2-devel-2.9-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:33:04", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-12-04T00:00:00", "id": "OPENVAS:1361412562310875299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875299", "title": "Fedora Update for chromium FEDORA-2018-fd194a1f14", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_fd194a1f14_chromium_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for chromium FEDORA-2018-fd194a1f14\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875299\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-17478\", \"CVE-2018-17479\", \"CVE-2018-16435\", \"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-5179\", \"CVE-2018-17477\", \"CVE-2018-17472\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:19:58 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for chromium FEDORA-2018-fd194a1f14\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-fd194a1f14\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGYVJ7TOEEFWMXPEHXQHYSD6LDOEY736\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the FEDORA-2018-fd194a1f14 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"chromium on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~70.0.3538.110~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876138", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876138", "title": "Fedora Update for chromium FEDORA-2018-34f7f68029", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876138\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-16435\", \"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-5179\", \"CVE-2018-17477\", \"CVE-2018-17472\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:36:12 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for chromium FEDORA-2018-34f7f68029\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-34f7f68029\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KYL6GLSQ3DFIIUGOB2ARZJOC7JED6YW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the FEDORA-2018-34f7f68029 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium is an open-source web browser, powered by WebKit (Blink).\");\n\n script_tag(name:\"affected\", value:\"'chromium' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~70.0.3538.77~4.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:39", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-05-03T00:00:00", "published": "2018-10-25T00:00:00", "id": "OPENVAS:1361412562310851948", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851948", "title": "SuSE Update for Chromium openSUSE-SU-2018:3396-1 (Chromium)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for Chromium openSUSE-SU-2018:3396-1 (Chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851948\");\n script_version(\"2019-05-03T10:20:18+0000\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:20:18 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-25 06:00:36 +0200 (Thu, 25 Oct 2018)\");\n script_cve_id(\"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17472\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for Chromium openSUSE-SU-2018:3396-1 (Chromium)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Chromium'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This update for Chromium to version 70.0.3538.67 fixes multiple issues.\n\n Security issues fixed (bsc#1112111):\n\n - CVE-2018-17462: Sandbox escape in AppCache\n\n - CVE-2018-17463: Remote code execution in V8\n\n - Heap buffer overflow in Little CMS in PDFium\n\n - CVE-2018-17464: URL spoof in Omnibox\n\n - CVE-2018-17465: Use after free in V8\n\n - CVE-2018-17466: Memory corruption in Angle\n\n - CVE-2018-17467: URL spoof in Omnibox\n\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n\n - CVE-2018-17469: Heap buffer overflow in PDFium\n\n - CVE-2018-17470: Memory corruption in GPU Internals\n\n - CVE-2018-17471: Security UI occlusion in full screen mode\n\n - CVE-2018-17473: URL spoof in Omnibox\n\n - CVE-2018-17474: Use after free in Blink\n\n - CVE-2018-17475: URL spoof in Omnibox\n\n - CVE-2018-17476: Security UI occlusion in full screen mode\n\n - CVE-2018-5179: Lack of limits on update() in ServiceWorker\n\n - CVE-2018-17477: UI spoof in Extensions\n\n VAAPI hardware accelerated rendering is now enabled by default.\n\n This update contains the following packaging changes:\n\n - Use the system libusb-1.0 library\n\n - Use bundled harfbuzz library\n\n - Disable gnome-keyring to avoid crashes\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1253=1\");\n script_tag(name:\"affected\", value:\"Chromium on openSUSE Leap 42.3\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3396_1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00062.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~70.0.3538.67~179.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~70.0.3538.67~179.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~70.0.3538.67~179.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~70.0.3538.67~179.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~70.0.3538.67~179.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:49", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-10-17T00:00:00", "id": "OPENVAS:1361412562310814096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814096", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Mac OS X", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Mac OS X\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814096\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-5179\", \"CVE-2018-17477\", \"CVE-2018-17476\", \"CVE-2018-17475\",\n \"CVE-2018-17474\", \"CVE-2018-17473\", \"CVE-2018-17462\", \"CVE-2018-17471\",\n \"CVE-2018-17470\", \"CVE-2018-17469\", \"CVE-2018-17468\", \"CVE-2018-17467\",\n \"CVE-2018-17466\", \"CVE-2018-17465\", \"CVE-2018-17464\", \"CVE-2018-17463\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-17 11:15:41 +0530 (Wed, 17 Oct 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Mac OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Sandbox escape in AppCache.\n\n - An input validation error in V8.\n\n - Heap buffer overflow error in Little CMS in PDFium.\n\n - Multiple URL and UI spoofing errors in Omnibox and Extensions.\n\n - Multiple memory corruption errors in Angle and GPU Internals.\n\n - Multiple use after free errors in V8 and Blink.\n\n - Lack of limits on 'update' function in ServiceWorker.\n\n - Security UI occlusion in full screen mode.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attackers\n to bypass security restrictions, execute arbitrary code, conduct spoofing attack\n and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 70.0.3538.67 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 70.0.3538.67\n or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nchr_ver = infos['version'];\nchr_path = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"70.0.3538.67\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"70.0.3538.67\", install_path:chr_path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:49", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-10-17T00:00:00", "id": "OPENVAS:1361412562310814095", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814095", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Linux", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Linux\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814095\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-5179\", \"CVE-2018-17477\", \"CVE-2018-17476\", \"CVE-2018-17475\",\n \"CVE-2018-17474\", \"CVE-2018-17473\", \"CVE-2018-17462\", \"CVE-2018-17471\",\n \"CVE-2018-17470\", \"CVE-2018-17469\", \"CVE-2018-17468\", \"CVE-2018-17467\",\n \"CVE-2018-17466\", \"CVE-2018-17465\", \"CVE-2018-17464\", \"CVE-2018-17463\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-17 11:15:02 +0530 (Wed, 17 Oct 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Sandbox escape in AppCache.\n\n - An input validation error in V8.\n\n - Heap buffer overflow error in Little CMS in PDFium.\n\n - Multiple URL and UI spoofing errors in Omnibox and Extensions.\n\n - Multiple memory corruption errors in Angle and GPU Internals.\n\n - Multiple use after free errors in V8 and Blink.\n\n - Lack of limits on 'update' function in ServiceWorker.\n\n - Security UI occlusion in full screen mode.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attackers\n to bypass security restrictions, execute arbitrary code, conduct spoofing attack\n and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 70.0.3538.67 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 70.0.3538.67\n or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nchr_ver = infos['version'];\nchr_path = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"70.0.3538.67\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"70.0.3538.67\", install_path:chr_path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:51", "bulletinFamily": "scanner", "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-10-17T00:00:00", "id": "OPENVAS:1361412562310814094", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814094", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Windows", "type": "openvas", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Windows\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814094\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-5179\", \"CVE-2018-17477\", \"CVE-2018-17476\", \"CVE-2018-17475\",\n \"CVE-2018-17474\", \"CVE-2018-17473\", \"CVE-2018-17462\", \"CVE-2018-17471\",\n \"CVE-2018-17470\", \"CVE-2018-17469\", \"CVE-2018-17468\", \"CVE-2018-17467\",\n \"CVE-2018-17466\", \"CVE-2018-17465\", \"CVE-2018-17464\", \"CVE-2018-17463\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-17 10:35:08 +0530 (Wed, 17 Oct 2018)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop-2018-10)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Sandbox escape in AppCache.\n\n - An input validation error in V8.\n\n - Heap buffer overflow error in Little CMS in PDFium.\n\n - Multiple URL and UI spoofing errors in Omnibox and Extensions.\n\n - Multiple memory corruption errors in Angle and GPU Internals.\n\n - Multiple use after free errors in V8 and Blink.\n\n - Lack of limits on 'update' function in ServiceWorker.\n\n - Security UI occlusion in full screen mode.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attackers\n to bypass security restrictions, execute arbitrary code, conduct spoofing attack\n and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 70.0.3538.67 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 70.0.3538.67\n or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html\");\n script_xref(name:\"URL\", value:\"http://www.google.com/chrome\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nchr_ver = infos['version'];\nchr_path = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"70.0.3538.67\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"70.0.3538.67\", install_path:chr_path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:32", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-5179\nYannic Boneberger discovered an error in the ServiceWorker implementation.\n\nCVE-2018-17462\nNed Williamson and Niklas Baumstark discovered a way to escape the sandbox.\n\nCVE-2018-17463\nNed Williamson and Niklas Baumstark discovered a remote code execution\nissue in the v8 javascript library.\n\nCVE-2018-17464\nxisigr discovered a URL spoofing issue.\n\nCVE-2018-17465\nLin Zuojian discovered a use-after-free issue in the v8 javascript\nlibrary.\n\nCVE-2018-17466\nOmair discovered a memory corruption issue in the angle library.\n\nCVE-2018-17467\nKhalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-17468\nJams Lee discovered an information disclosure issue.\n\nCVE-2018-17469\nZhen Zhou discovered a buffer overflow issue in the pdfium library.\n\nCVE-2018-17470\nZhe Jin discovered a memory corruption issue in the GPU backend\nimplementation.\n\nCVE-2018-17471\nLnyas Zhang discovered an issue with the full screen user interface.\n\nCVE-2018-17473\nKhalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-17474\nZhe Jin discovered a use-after-free issue.\n\nCVE-2018-17475\nVladimir Metnew discovered a URL spoofing issue.\n\nCVE-2018-17476\nKhalil Zhani discovered an issue with the full screen user interface.\n\nCVE-2018-17477\nAaron Muir Hamilton discovered a user interface spoofing issue in the\nextensions pane.\n\nThis update also fixes a buffer overflow in the embedded lcms library included\nwith chromium.", "modified": "2019-05-03T00:00:00", "published": "2018-11-02T00:00:00", "id": "OPENVAS:1361412562310704330", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704330", "title": "Debian Security Advisory DSA 4330-1 (chromium-browser - security update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4330-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704330\");\n script_version(\"2019-05-03T10:20:18+0000\");\n script_cve_id(\"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\",\n \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\",\n \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\",\n \"CVE-2018-5179\");\n script_name(\"Debian Security Advisory DSA 4330-1 (chromium-browser - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:20:18 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-02 00:00:00 +0100 (Fri, 02 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4330.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"chromium-browser on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 70.0.3538.67-1~deb9u1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFor the detailed security status of chromium-browser please refer to\nits security tracker page linked in the references.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/chromium-browser\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-5179\nYannic Boneberger discovered an error in the ServiceWorker implementation.\n\nCVE-2018-17462\nNed Williamson and Niklas Baumstark discovered a way to escape the sandbox.\n\nCVE-2018-17463\nNed Williamson and Niklas Baumstark discovered a remote code execution\nissue in the v8 javascript library.\n\nCVE-2018-17464\nxisigr discovered a URL spoofing issue.\n\nCVE-2018-17465\nLin Zuojian discovered a use-after-free issue in the v8 javascript\nlibrary.\n\nCVE-2018-17466\nOmair discovered a memory corruption issue in the angle library.\n\nCVE-2018-17467\nKhalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-17468\nJams Lee discovered an information disclosure issue.\n\nCVE-2018-17469\nZhen Zhou discovered a buffer overflow issue in the pdfium library.\n\nCVE-2018-17470\nZhe Jin discovered a memory corruption issue in the GPU backend\nimplementation.\n\nCVE-2018-17471\nLnyas Zhang discovered an issue with the full screen user interface.\n\nCVE-2018-17473\nKhalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-17474\nZhe Jin discovered a use-after-free issue.\n\nCVE-2018-17475\nVladimir Metnew discovered a URL spoofing issue.\n\nCVE-2018-17476\nKhalil Zhani discovered an issue with the full screen user interface.\n\nCVE-2018-17477\nAaron Muir Hamilton discovered a user interface spoofing issue in the\nextensions pane.\n\nThis update also fixes a buffer overflow in the embedded lcms library included\nwith chromium.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"chromedriver\", ver:\"70.0.3538.67-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium\", ver:\"70.0.3538.67-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-driver\", ver:\"70.0.3538.67-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"70.0.3538.67-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-shell\", ver:\"70.0.3538.67-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"chromium-widevine\", ver:\"70.0.3538.67-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:40", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-05-03T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310851995", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851995", "title": "SuSE Update for Chromium openSUSE-SU-2018:3273-1 (Chromium)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for Chromium openSUSE-SU-2018:3273-1 (Chromium)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851995\");\n script_version(\"2019-05-03T10:20:18+0000\");\n script_cve_id(\"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17472\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-17477\", \"CVE-2018-5179\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 10:20:18 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:30:34 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"SuSE Update for Chromium openSUSE-SU-2018:3273-1 (Chromium)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3273_1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00044.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Chromium'\n package(s) announced via the openSUSE-SU-2018:3273_1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for Chromium to version 70.0.3538.67 fixes multiple issues.\n\n Security issues fixed (bsc#1112111):\n\n - CVE-2018-17462: Sandbox escape in AppCache\n\n - CVE-2018-17463: Remote code execution in V8\n\n - Heap buffer overflow in Little CMS in PDFium\n\n - CVE-2018-17464: URL spoof in Omnibox\n\n - CVE-2018-17465: Use after free in V8\n\n - CVE-2018-17466: Memory corruption in Angle\n\n - CVE-2018-17467: URL spoof in Omnibox\n\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n\n - CVE-2018-17469: Heap buffer overflow in PDFium\n\n - CVE-2018-17470: Memory corruption in GPU Internals\n\n - CVE-2018-17471: Security UI occlusion in full screen mode\n\n - CVE-2018-17473: URL spoof in Omnibox\n\n - CVE-2018-17474: Use after free in Blink\n\n - CVE-2018-17475: URL spoof in Omnibox\n\n - CVE-2018-17476: Security UI occlusion in full screen mode\n\n - CVE-2018-5179: Lack of limits on update() in ServiceWorker\n\n - CVE-2018-17477: UI spoof in Extensions\n\n VAAPI hardware accelerated rendering is now enabled by default.\n\n This update contains the following packaging changes:\n\n - Use the system libusb-1.0 library\n\n - Use bundled harfbuzz library\n\n - Disable gnome-keyring to avoid crashes\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1208=1\n\n - openSUSE Backports SLE-15:\n\n zypper in -t patch openSUSE-2018-1208=1\");\n\n script_tag(name:\"affected\", value:\"Chromium on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"openSUSELeap15.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~70.0.3538.67~lp150.2.20.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~70.0.3538.67~lp150.2.20.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~70.0.3538.67~lp150.2.20.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~70.0.3538.67~lp150.2.20.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~70.0.3538.67~lp150.2.20.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:29", "bulletinFamily": "scanner", "description": "Quang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could result in denial of service and potentially the\nexecution of arbitrary code if a malformed IT8 calibration file is\nprocessed.", "modified": "2019-03-18T00:00:00", "published": "2018-09-04T00:00:00", "id": "OPENVAS:1361412562310704284", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704284", "title": "Debian Security Advisory DSA 4284-1 (lcms2 - security update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_4284.nasl 14270 2019-03-18 14:24:29Z cfischer $\n#\n# Auto-generated from advisory DSA 4284-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704284\");\n script_version(\"$Revision: 14270 $\");\n script_cve_id(\"CVE-2018-16435\");\n script_name(\"Debian Security Advisory DSA 4284-1 (lcms2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:24:29 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-04 00:00:00 +0200 (Tue, 04 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4284.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"lcms2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), this problem has been fixed in\nversion 2.8-4+deb9u1.\n\nWe recommend that you upgrade your lcms2 packages.\n\nFor the detailed security status of lcms2 please refer to\nits security tracker page linked in the references.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/lcms2\");\n script_tag(name:\"summary\", value:\"Quang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could result in denial of service and potentially the\nexecution of arbitrary code if a malformed IT8 calibration file is\nprocessed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.8-4+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-dev\", ver:\"2.8-4+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.8-4+deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:44", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2018-10-28T00:00:00", "id": "OPENVAS:1361412562310852105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852105", "title": "SuSE Update for lcms2 openSUSE-SU-2018:3529-1 (lcms2)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2018_3529_1.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# SuSE Update for lcms2 openSUSE-SU-2018:3529-1 (lcms2)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852105\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2018-16435\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-28 06:04:16 +0100 (Sun, 28 Oct 2018)\");\n script_name(\"SuSE Update for lcms2 openSUSE-SU-2018:3529-1 (lcms2)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3529_1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00081.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'lcms2'\n package(s) announced via the openSUSE-SU-2018:3529_1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for lcms2 fixes the following issues:\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted file in the\n second argument to cmsIT8LoadFromFile (bsc#1108813)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1327=1\");\n\n script_tag(name:\"affected\", value:\"lcms2 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"openSUSELeap15.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lcms2-debuginfo\", rpm:\"lcms2-debuginfo~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lcms2-debugsource\", rpm:\"lcms2-debugsource~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblcms2-2\", rpm:\"liblcms2-2~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblcms2-2-debuginfo\", rpm:\"liblcms2-2-debuginfo~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblcms2-devel\", rpm:\"liblcms2-devel~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblcms2-doc\", rpm:\"liblcms2-doc~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblcms2-2-32bit\", rpm:\"liblcms2-2-32bit~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblcms2-2-32bit-debuginfo\", rpm:\"liblcms2-2-32bit-debuginfo~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"liblcms2-devel-32bit\", rpm:\"liblcms2-devel-32bit~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2018-10-22T16:31:01", "bulletinFamily": "unix", "description": "This update for Chromium to version 70.0.3538.67 fixes multiple issues.\n\n Security issues fixed (bsc#1112111):\n\n - CVE-2018-17462: Sandbox escape in AppCache\n - CVE-2018-17463: Remote code execution in V8\n - Heap buffer overflow in Little CMS in PDFium\n - CVE-2018-17464: URL spoof in Omnibox\n - CVE-2018-17465: Use after free in V8\n - CVE-2018-17466: Memory corruption in Angle\n - CVE-2018-17467: URL spoof in Omnibox\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n - CVE-2018-17469: Heap buffer overflow in PDFium\n - CVE-2018-17470: Memory corruption in GPU Internals\n - CVE-2018-17471: Security UI occlusion in full screen mode\n - CVE-2018-17473: URL spoof in Omnibox\n - CVE-2018-17474: Use after free in Blink\n - CVE-2018-17475: URL spoof in Omnibox\n - CVE-2018-17476: Security UI occlusion in full screen mode\n - CVE-2018-5179: Lack of limits on update() in ServiceWorker\n - CVE-2018-17477: UI spoof in Extensions\n\n VAAPI hardware accelerated rendering is now enabled by default.\n\n This update contains the following packaging changes:\n\n - Use the system libusb-1.0 library\n - Use bundled harfbuzz library\n - Disable gnome-keyring to avoid crashes\n\n", "modified": "2018-10-22T15:16:54", "published": "2018-10-22T15:16:54", "id": "OPENSUSE-SU-2018:3273-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00044.html", "title": "Security update for Chromium (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-10-24T22:31:11", "bulletinFamily": "unix", "description": "This update for Chromium to version 70.0.3538.67 fixes multiple issues.\n\n Security issues fixed (bsc#1112111):\n\n - CVE-2018-17462: Sandbox escape in AppCache\n - CVE-2018-17463: Remote code execution in V8\n - Heap buffer overflow in Little CMS in PDFium\n - CVE-2018-17464: URL spoof in Omnibox\n - CVE-2018-17465: Use after free in V8\n - CVE-2018-17466: Memory corruption in Angle\n - CVE-2018-17467: URL spoof in Omnibox\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n - CVE-2018-17469: Heap buffer overflow in PDFium\n - CVE-2018-17470: Memory corruption in GPU Internals\n - CVE-2018-17471: Security UI occlusion in full screen mode\n - CVE-2018-17473: URL spoof in Omnibox\n - CVE-2018-17474: Use after free in Blink\n - CVE-2018-17475: URL spoof in Omnibox\n - CVE-2018-17476: Security UI occlusion in full screen mode\n - CVE-2018-5179: Lack of limits on update() in ServiceWorker\n - CVE-2018-17477: UI spoof in Extensions\n\n VAAPI hardware accelerated rendering is now enabled by default.\n\n This update contains the following packaging changes:\n\n - Use the system libusb-1.0 library\n - Use bundled harfbuzz library\n - Disable gnome-keyring to avoid crashes\n\n", "modified": "2018-10-24T21:09:13", "published": "2018-10-24T21:09:13", "id": "OPENSUSE-SU-2018:3396-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00062.html", "title": "Security update for Chromium (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-11-21T03:16:50", "bulletinFamily": "unix", "description": "This update contains Chromium 70.0.3538.102 and fixes security issues and\n bugs.\n\n Vulnerabilities fixed in 70.0.3538.102:\n\n - CVE-2018-17478: Out of bounds memory access in V8 (boo#1115537)\n\n Vulnerabilities fixed in 70.0.3538.67 (bsc#1112111):\n\n - CVE-2018-17462: Sandbox escape in AppCache\n - CVE-2018-17463: Remote code execution in V8\n - Heap buffer overflow in Little CMS in PDFium\n - CVE-2018-17464: URL spoof in Omnibox\n - CVE-2018-17465: Use after free in V8\n - CVE-2018-17466: Memory corruption in Angle\n - CVE-2018-17467: URL spoof in Omnibox\n - CVE-2018-17468: Cross-origin URL disclosure in Blink\n - CVE-2018-17469: Heap buffer overflow in PDFium\n - CVE-2018-17470: Memory corruption in GPU Internals\n - CVE-2018-17471: Security UI occlusion in full screen mode\n - CVE-2018-17473: URL spoof in Omnibox\n - CVE-2018-17474: Use after free in Blink\n - CVE-2018-17475: URL spoof in Omnibox\n - CVE-2018-17476: Security UI occlusion in full screen mode\n - CVE-2018-5179: Lack of limits on update() in ServiceWorker\n - CVE-2018-17477: UI spoof in Extensions\n\n This update contains the following packaging changes:\n\n - VAAPI hardware accelerated rendering is now enabled by default.\n - Use the system libusb-1.0 library\n - Use bundled harfbuzz library\n - Disable gnome-keyring to avoid crashes\n - noto-emoji-fonts is no longer a recommended dependency\n\n", "modified": "2018-11-21T00:11:39", "published": "2018-11-21T00:11:39", "id": "OPENSUSE-SU-2018:3835-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-11/msg00035.html", "title": "Security update for chromium (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-10-27T14:31:32", "bulletinFamily": "unix", "description": "This update for lcms2 fixes the following issues:\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted file in the\n second argument to cmsIT8LoadFromFile (bsc#1108813)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2018-10-27T12:08:37", "published": "2018-10-27T12:08:37", "id": "OPENSUSE-SU-2018:3529-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00081.html", "title": "Security update for lcms2 (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-12-13T15:37:03", "bulletinFamily": "unix", "description": "This update to Mozilla Firefox 60.4.0 ESR fixes security issues and bugs.\n\n Security issues fixed as part of the MFSA 2018-30 advisory (boo#1119105):\n\n - CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library\n with TextureStorage11\n - CVE-2018-18492: Use-after-free with select element\n - CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia\n - CVE-2018-18494: Same-origin policy violation using location attribute\n and performance.getEntries to steal cross-origin URLs\n - CVE-2018-18498: Integer overflow when calculating buffer sizes for images\n - CVE-2018-12405: Memory safety bugs fixed in Firefox 64 and Firefox ESR\n 60.4\n\n The following changes are included:\n\n - now requires NSS >= 3.36.6\n - Updated list of currency codes to include Unidad Previsional (UYW)\n\n", "modified": "2018-12-13T12:09:13", "published": "2018-12-13T12:09:13", "id": "OPENSUSE-SU-2018:4112-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00029.html", "title": "Security update for Mozilla Firefox (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2019-05-30T02:22:56", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4330-1 security@debian.org\nhttps://www.debian.org/security/ Michael Gilbert\nNovember 02, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium-browser\nCVE ID : CVE-2018-5179 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464\n CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468\n CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17473\n CVE-2018-17474 CVE-2018-17475 CVE-2018-17476 CVE-2018-17477\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2018-5179\n\n Yannic Boneberger discovered an error in the ServiceWorker implementation.\n\nCVE-2018-17462\n\n Ned Williamson and Niklas Baumstark discovered a way to escape the sandbox.\n\nCVE-2018-17463\n\n Ned Williamson and Niklas Baumstark discovered a remote code execution\n issue in the v8 javascript library.\n\nCVE-2018-17464\n\n xisigr discovered a URL spoofing issue.\n\nCVE-2018-17465\n\n Lin Zuojian discovered a use-after-free issue in the v8 javascript\n library.\n\nCVE-2018-17466\n\n Omair discovered a memory corruption issue in the angle library.\n\nCVE-2018-17467\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-17468\n\n Jams Lee discovered an information disclosure issue.\n\nCVE-2018-17469\n\n Zhen Zhou discovered a buffer overflow issue in the pdfium library.\n\nCVE-2018-17470\n\n Zhe Jin discovered a memory corruption issue in the GPU backend\n implementation.\n\nCVE-2018-17471\n\n Lnyas Zhang discovered an issue with the full screen user interface.\n\nCVE-2018-17473\n\n Khalil Zhani discovered a URL spoofing issue.\n\nCVE-2018-17474\n\n Zhe Jin discovered a use-after-free issue.\n\nCVE-2018-17475\n\n Vladimir Metnew discovered a URL spoofing issue.\n\nCVE-2018-17476\n\n Khalil Zhani discovered an issue with the full screen user interface.\n\nCVE-2018-17477\n\n Aaron Muir Hamilton discovered a user interface spoofing issue in the\n extensions pane.\n\nThis update also fixes a buffer overflow in the embedded lcms library included\nwith chromium.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 70.0.3538.67-1~deb9u1.\n\nWe recommend that you upgrade your chromium-browser packages.\n\nFor the detailed security status of chromium-browser please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium-browser\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2018-11-02T11:43:56", "published": "2018-11-02T11:43:56", "id": "DEBIAN:DSA-4330-1:C6D67", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00262.html", "title": "[SECURITY] [DSA 4330-1] chromium-browser security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-17T02:21:33", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4284-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 04, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : lcms2\nCVE ID : CVE-2018-16435\n\nQuang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could in denial of service and potentially the\nexecution of arbitrary code if a malformed IT8 calibration file is\nprocessed.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8-4+deb9u1.\n\nWe recommend that you upgrade your lcms2 packages.\n\nFor the detailed security status of lcms2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/lcms2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2018-09-04T21:07:53", "published": "2018-09-04T21:07:53", "id": "DEBIAN:DSA-4284-1:5963D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00214.html", "title": "[SECURITY] [DSA 4284-1] lcms2 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:22:04", "bulletinFamily": "unix", "description": "Package : lcms2\nVersion : 2.6-3+deb8u2\nCVE ID : CVE-2018-16435\nDebian Bug : #907983\n\nIt was discovered that there was an integer overflow vulnerability\nin the "Little CMS 2" colour management library. A specially-crafted\ninput file could lead to a heap-based buffer overflow.\n\nFor Debian 8 "Jessie", this issue has been fixed in lcms2 version\n2.6-3+deb8u2.\n\nWe recommend that you upgrade your lcms2 packages.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. `'` lamby@debian.org / chris-lamb.co.uk\n `-\n\n", "modified": "2018-09-06T09:21:06", "published": "2018-09-06T09:21:06", "id": "DEBIAN:DLA-1496-1:2F059", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201809/msg00005.html", "title": "[SECURITY] [DLA 1496-1] lcms2 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:22:41", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4354-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 12, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : firefox-esr\nCVE ID : CVE-2018-12405 CVE-2018-17466 CVE-2018-18492\n CVE-2018-18493 CVE-2018-18494 CVE-2018-18498\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode or bypass of the same-origin policy.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 60.4.0esr-1~deb9u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2018-12-12T21:09:09", "published": "2018-12-12T21:09:09", "id": "DEBIAN:DSA-4354-1:2E2F6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00286.html", "title": "[SECURITY] [DSA 4354-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:28", "bulletinFamily": "unix", "description": "Package : firefox-esr\nVersion : 60.4.0esr-1~deb8u1\nCVE ID : CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493\n CVE-2018-18494 CVE-2018-18498\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode or bypass of the same-origin policy.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n60.4.0esr-1~deb8u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2018-12-13T09:12:18", "published": "2018-12-13T09:12:18", "id": "DEBIAN:DLA-1605-1:758B9", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201812/msg00002.html", "title": "[SECURITY] [DLA 1605-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2019-03-21T00:14:41", "bulletinFamily": "info", "description": "### *Detect date*:\n10/16/2018\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service and obtain sensitive information.\n\n### *Affected products*:\nGoogle Chrome earlier than 70.0.3538.67\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Google Chrome download page](<https://www.google.com/chrome/browser/desktop/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2018-17462](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17462>)6.5High \n[CVE-2018-17463](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17463>)8.8High \n[CVE-2018-17464](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17464>)4.3High \n[CVE-2018-17465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17465>)8.8High \n[CVE-2018-17466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17466>)0.0High \n[CVE-2018-17467](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17467>)4.3High \n[CVE-2018-17468](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17468>)6.5High \n[CVE-2018-17469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17469>)8.8High \n[CVE-2018-17470](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17470>)0.0High \n[CVE-2018-17471](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17471>)4.3High \n[CVE-2018-17472](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17472>)9.6High \n[CVE-2018-17473](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17473>)4.3High \n[CVE-2018-17474](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17474>)8.8High \n[CVE-2018-17475](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17475>)4.3High \n[CVE-2018-17476](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17476>)4.3High \n[CVE-2018-5179](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5179>)0.0High \n[CVE-2018-17477](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17477>)4.3High", "modified": "2019-03-07T00:00:00", "published": "2018-10-16T00:00:00", "id": "KLA11338", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11338", "title": "\r KLA11338Multiple vulnerabilities in Google Chrome ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "threatpost": [{"lastseen": "2019-05-30T05:50:38", "bulletinFamily": "info", "description": "Google has lifted the curtain on its latest version of Chrome, which the tech giant has pledged touts more data privacy features, as well as fixes for high-priority vulnerabilities.\n\nThe release comes after Google had promised updates in Chrome 70 to \u201cbetter communicate our changes and offer more control over the experience.\u201d\n\nChrome 70 for Windows, Mac and Linux will roll out over the coming days and weeks, Google said in a Tuesday [posting](<https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html>).\n\n## New Privacy Feature\n\nMost notably, Chrome 70 includes a panel enabling users to have more control over how the browser behaves when they log into their Google accounts.\n\nThe pressure is on Google to prioritize privacy policies after the tech giant came under fire for a change in Chrome 69, launched [earlier in September](<https://threatpost.com/google-rolls-out-40-fixes-with-chrome-69/137210/>). After that release, an update to the browser\u2019s sign-in mechanism [automatically signed users into Chrome](<https://threatpost.com/googles-forced-sign-in-to-chrome-raises-privacy-red-flags/137651/>) when they signed into any other Google service.\n\nDigs at Google increased when a separate researcher also found that when he deleted the cookies.txt files in Chrome, the browser clears all cookies \u2013 except for Google cookies.\n\nBut the new control panel means that users have the option to turn off the automatic sign-in, Zach Koch, Chrome product manager, said in a [post](<https://www.blog.google/products/chrome/product-updates-based-your-feedback/>) on the matter.\n\n\u201cWhile we think sign-in consistency will help many of our users, we\u2019re adding a control that allows users to turn off linking web-based sign-in with browser-based sign-in\u2014that way users have more control over their experience,\u201d he said. \u201cFor users that disable this feature, signing into a Google website will not sign them into Chrome.\n\n## Fixed Vulnerabilities\n\nIn addition to new privacy features, Chrome 70 also [packs](<https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html>) 23 security fixes, including both \u201chigh\u201d and \u201cmedium\u201d priority bugs; as well as new security features.\n\nOf note are patches for a high-priority sandbox escape vulnerability (CVE-2018-17462) in AppCache; a high-priority remote code-execution flaw (CVE-2018-17463) in V8; a \u201chigh\u201d priority URL spoof bug (CVE-2018-17464) in Omnibox; and a \u201chigh\u201d memory corruption glitch (CVE-2018-17466) in Angle.\n\nOther bugs include a high-priority use-after-free flaw (CVE-2018-17465) in V8, and a high-priority heap buffer overflow vulnerability in Little CMS in PDFium (no CVE assigned yet).\n\nA full list of the security bugs and fixes are [here](<https://chromium.googlesource.com/chromium/src/+log/69.0.3497.100..70.0.3538.67?pretty=fuller&n=10000>).\n\nChrome 70 also features Web Bluetooth, which is also available in Windows 10, which allows sites to communicate with user-selected Bluetooth devices in a \u201csecure and privacy-preserving\u201d ways.\n\nAnd finally, Google released support for public key credentials in Chrome 70, which enables strong authentication to websites with public key cryptography, enabling password-less authentication and/or secure second-factor authentication without SMS texts.\n\n\u201cI\u2019m pretty excited about it because it allows sites to use my fingerprint for two-factor authentication,\u201d Pete LePage, developer advocate, said in a Tuesday [post](<https://developers.google.com/web/updates/2018/10/nic70>). \u201cBut, it also adds support for additional types of security keys and better security on the web.\u201d\n", "modified": "2018-10-17T14:04:48", "published": "2018-10-17T14:04:48", "id": "THREATPOST:2EA02E029D18D4A6E2F53BF8057CCD57", "href": "https://threatpost.com/on-heels-of-criticism-newly-released-google-chrome-70-prioritizes-privacy/138368/", "type": "threatpost", "title": "On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2019-05-29T18:19:54", "bulletinFamily": "NVD", "description": "Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.", "modified": "2018-12-21T19:53:00", "id": "CVE-2018-17471", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17471", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17471", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:19:55", "bulletinFamily": "NVD", "description": "Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.", "modified": "2018-12-18T18:51:00", "id": "CVE-2018-17473", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17473", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17473", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:19:55", "bulletinFamily": "NVD", "description": "Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.", "modified": "2018-12-21T20:34:00", "id": "CVE-2018-17476", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17476", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17476", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:19:54", "bulletinFamily": "NVD", "description": "Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", "modified": "2018-12-18T18:39:00", "id": "CVE-2018-17464", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17464", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17464", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:19:55", "bulletinFamily": "NVD", "description": "Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", "modified": "2018-12-19T20:40:00", "id": "CVE-2018-17475", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17475", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17475", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:19:54", "bulletinFamily": "NVD", "description": "A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", "modified": "2019-01-15T17:46:00", "id": "CVE-2018-17470", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17470", "published": "2019-01-09T19:29:00", "title": "CVE-2018-17470", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:19:54", "bulletinFamily": "NVD", "description": "Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page.", "modified": "2018-12-19T20:59:00", "id": "CVE-2018-17468", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17468", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17468", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:19:54", "bulletinFamily": "NVD", "description": "Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", "modified": "2018-12-18T18:37:00", "id": "CVE-2018-17463", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17463", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17463", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:19:54", "bulletinFamily": "NVD", "description": "Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.", "modified": "2018-12-19T20:34:00", "id": "CVE-2018-17465", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17465", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17465", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:19:54", "bulletinFamily": "NVD", "description": "Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", "modified": "2018-12-19T20:43:00", "id": "CVE-2018-17467", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17467", "published": "2018-11-14T15:29:00", "title": "CVE-2018-17467", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "gentoo": [{"lastseen": "2018-11-23T22:33:08", "bulletinFamily": "unix", "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrome Releases for details. \n\n### Impact\n\nA remote attacker could execute arbitrary code, escalate privileges, cause a heap buffer overflow, obtain sensitive information, or spoof a URL. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-70.0.3538.67\"", "modified": "2018-11-23T00:00:00", "published": "2018-11-23T00:00:00", "id": "GLSA-201811-10", "href": "https://security.gentoo.org/glsa/201811-10", "title": "Chromium: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 0.0, "vector": "NONE"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:54", "bulletinFamily": "software", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n * Canonical Ubuntu 18.04\n\n# Description\n\nIbrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-16435)\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.238.0\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.25.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.238.0 or later.\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.25.0 or later.\n\n# References\n\n * [USN-3770-1](<https://usn.ubuntu.com/3770-1>)\n * [CVE-2016-10165](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10165>)\n * [CVE-2018-16435](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16435>)\n", "modified": "2018-09-25T00:00:00", "published": "2018-09-25T00:00:00", "id": "CFOUNDRY:AFE5A77EBE4E39A2F02201C20DDD401B", "href": "https://www.cloudfoundry.org/blog/usn-3770-1/", "title": "USN-3770-1: Little CMS vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T19:21:31", "bulletinFamily": "unix", "description": "Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-16435)", "modified": "2018-09-20T00:00:00", "published": "2018-09-20T00:00:00", "id": "USN-3770-1", "href": "https://usn.ubuntu.com/3770-1/", "title": "Little CMS vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2019-05-29T19:22:13", "bulletinFamily": "unix", "description": "USN-3770-1 fixed a vulnerability in Little CMS. This update provides the corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nPedro Ribeiro discoreved that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2013-4276)\n\nIbrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-16435)", "modified": "2018-09-20T00:00:00", "published": "2018-09-20T00:00:00", "id": "USN-3770-2", "href": "https://usn.ubuntu.com/3770-2/", "title": "Little CMS vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "redhat": [{"lastseen": "2019-05-29T14:33:38", "bulletinFamily": "unix", "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 60.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)\n\n* Mozilla: Memory corruption in Angle (CVE-2018-17466)\n\n* Mozilla: Use-after-free with select element (CVE-2018-18492)\n\n* Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493)\n\n* Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494)\n\n* Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Natalia Csoregi, Nicolas B. Pierron, Tyson Smith, Nils, Atte Kettunen, James Lee of Kryptos Logic, and r as the original reporters.", "modified": "2018-12-17T19:12:26", "published": "2018-12-17T19:10:13", "id": "RHSA-2018:3833", "href": "https://access.redhat.com/errata/RHSA-2018:3833", "type": "redhat", "title": "(RHSA-2018:3833) Critical: firefox security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:35:07", "bulletinFamily": "unix", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 60.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)\n\n* chromium-browser, firefox: Memory corruption in Angle (CVE-2018-17466)\n\n* Mozilla: Use-after-free with select element (CVE-2018-18492)\n\n* Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493)\n\n* Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494)\n\n* Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Natalia Csoregi, Nicolas B. Pierron, Tyson Smith, Nils, Atte Kettunen, James Lee of Kryptos Logic, and r as the original reporters.", "modified": "2019-01-25T02:49:46", "published": "2019-01-25T02:48:12", "id": "RHSA-2019:0160", "href": "https://access.redhat.com/errata/RHSA-2019:0160", "type": "redhat", "title": "(RHSA-2019:0160) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:34:56", "bulletinFamily": "unix", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 60.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)\n\n* chromium-browser, firefox: Memory corruption in Angle (CVE-2018-17466)\n\n* Mozilla: Use-after-free with select element (CVE-2018-18492)\n\n* Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493)\n\n* Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494)\n\n* Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Natalia Csoregi, Nicolas B. Pierron, Tyson Smith, Nils, Atte Kettunen, James Lee of Kryptos Logic, and r as the original reporters.", "modified": "2019-01-25T02:48:41", "published": "2019-01-25T02:47:18", "id": "RHSA-2019:0159", "href": "https://access.redhat.com/errata/RHSA-2019:0159", "type": "redhat", "title": "(RHSA-2019:0159) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:41", "bulletinFamily": "unix", "description": "[60.4.0-1.0.1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file\n[60.4.0-1]\n- Update to 60.4.0 ESR\n[60.3.0-2]\n- Added firefox-gnome-shell-extension\n[60.3.0-1]\n- Update to 60.3.0 ESR", "modified": "2018-12-18T00:00:00", "published": "2018-12-18T00:00:00", "id": "ELSA-2018-3833", "href": "http://linux.oracle.com/errata/ELSA-2018-3833.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:45", "bulletinFamily": "unix", "description": "[60.4.0-1.0.1]\n- fix LD_LIBRARY_PATH\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one\n[60.4.0-1]\n- Update to 60.4.0 ESR\n[60.3.0-2]\n- Added firefox-gnome-shell-extension", "modified": "2018-12-18T00:00:00", "published": "2018-12-18T00:00:00", "id": "ELSA-2018-3831", "href": "http://linux.oracle.com/errata/ELSA-2018-3831.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:52", "bulletinFamily": "unix", "description": "[60.4.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[60.4.0-1]\n- Update to 60.4.0", "modified": "2019-01-25T00:00:00", "published": "2019-01-25T00:00:00", "id": "ELSA-2019-0160", "href": "http://linux.oracle.com/errata/ELSA-2019-0160.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-05-29T18:34:43", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2018:3833\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 60.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)\n\n* Mozilla: Memory corruption in Angle (CVE-2018-17466)\n\n* Mozilla: Use-after-free with select element (CVE-2018-18492)\n\n* Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493)\n\n* Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494)\n\n* Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Natalia Csoregi, Nicolas B. Pierron, Tyson Smith, Nils, Atte Kettunen, James Lee of Kryptos Logic, and r as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-December/023139.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "modified": "2018-12-21T19:08:51", "published": "2018-12-21T19:08:51", "id": "CESA-2018:3833", "href": "http://lists.centos.org/pipermail/centos-announce/2018-December/023139.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:32", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2018:3831\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 60.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)\n\n* Mozilla: Memory corruption in Angle (CVE-2018-17466)\n\n* Mozilla: Use-after-free with select element (CVE-2018-18492)\n\n* Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493)\n\n* Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494)\n\n* Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Natalia Csoregi, Nicolas B. Pierron, Tyson Smith, Nils, Atte Kettunen, James Lee of Kryptos Logic, and r as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-December/023138.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "modified": "2018-12-21T19:07:59", "published": "2018-12-21T19:07:59", "id": "CESA-2018:3831", "href": "http://lists.centos.org/pipermail/centos-announce/2018-December/023138.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:05", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2019:0160\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 60.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)\n\n* chromium-browser, firefox: Memory corruption in Angle (CVE-2018-17466)\n\n* Mozilla: Use-after-free with select element (CVE-2018-18492)\n\n* Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493)\n\n* Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494)\n\n* Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Natalia Csoregi, Nicolas B. Pierron, Tyson Smith, Nils, Atte Kettunen, James Lee of Kryptos Logic, and r as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-February/023154.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "modified": "2019-02-01T23:12:43", "published": "2019-02-01T23:12:43", "id": "CESA-2019:0160", "href": "http://lists.centos.org/pipermail/centos-announce/2019-February/023154.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:45", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2019:0159\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 60.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405)\n\n* chromium-browser, firefox: Memory corruption in Angle (CVE-2018-17466)\n\n* Mozilla: Use-after-free with select element (CVE-2018-18492)\n\n* Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493)\n\n* Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494)\n\n* Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Natalia Csoregi, Nicolas B. Pierron, Tyson Smith, Nils, Atte Kettunen, James Lee of Kryptos Logic, and r as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-February/023188.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "modified": "2019-02-01T23:14:30", "published": "2019-02-01T23:14:30", "id": "CESA-2019:0159", "href": "http://lists.centos.org/pipermail/centos-announce/2019-February/023188.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
