DSA-4256-1 chromium-browser -- chromium-browserID: oval:org.secpod.oval:def:603469 | Date: (C)2018-07-30 (M)2024-03-27 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issue in the developer tools . CVE-2018-6152 Rob Wu discovered an issue in the developer tools . CVE-2018-6153 Zhen Zhou discovered a buffer overflow issue in the skia library. CVE-2018-6154 Omair discovered a buffer overflow issue in the WebGL implementation. CVE-2018-6155 Natalie Silvanovich discovered a use-after-free issue in the WebRTC implementation. CVE-2018-6156 Natalie Silvanovich discovered a buffer overflow issue in the WebRTC implementation. CVE-2018-6157 Natalie Silvanovich discovered a type confusion issue in the WebRTC implementation. CVE-2018-6158 Zhe Jin discovered a use-after-free issue. CVE-2018-6159 Jun Kokatsu discovered a way to bypass the same origin policy. CVE-2018-6161 Jun Kokatsu discovered a way to bypass the same origin policy. CVE-2018-6162 Omair discovered a buffer overflow issue in the WebGL implementation. CVE-2018-6163 Khalil Zhani discovered a URL spoofing issue. CVE-2018-6164 Jun Kokatsu discovered a way to bypass the same origin policy. CVE-2018-6165 evil1m0 discovered a URL spoofing issue. CVE-2018-6166 Lynas Zhang discovered a URL spoofing issue. CVE-2018-6167 Lynas Zhang discovered a URL spoofing issue. CVE-2018-6168 Gunes Acar and Danny Y. Huang discovered a way to bypass the Cross Origin Resource Sharing policy. CVE-2018-6169 Sam P discovered a way to bypass permissions when installing extensions. CVE-2018-6170 A type confusion issue was discovered in the pdfium library. CVE-2018-6171 A use-after-free issue was discovered in the WebBluetooth implementation. CVE-2018-6172 Khalil Zhani discovered a URL spoofing issue. CVE-2018-6173 Khalil Zhani discovered a URL spoofing issue. CVE-2018-6174 Mark Brand discovered an integer overflow issue in the swiftshader library. CVE-2018-6175 Khalil Zhani discovered a URL spoofing issue. CVE-2018-6176 Jann Horn discovered a way to escalate privileges using extensions. CVE-2018-6177 Ron Masas discovered an information leak. CVE-2018-6178 Khalil Zhani discovered a user interface spoofing issue. CVE-2018-6179 It was discovered that information about files local to the system could be leaked to extensions. This version also fixes a regression introduced in the previous security update that could prevent decoding of particular audio/video codecs.
Product: |
chromedriver |
chromium |