9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
9 High
AI Score
Confidence
High
0.296 Low
EPSS
Percentile
96.9%
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities possibly to execute arbitrary code, cause denial of service, perform cross-site scripting attacks, obtain sensitive information, spoof user interface, bypass security restrictions and perform unspecified attacks.
Below is a complete list of vulnerabilities:
NB: This vulnerability does not have any public CVSS rating, so rating can be changed by the time.
NB: At this moment Google has just reserved CVE numbers for these vulnerabilities. Information can be changed soon.
Stable Channel Update for Desktop
Public exploits exist for this vulnerability.
CVE-2018-6123 warning
CVE-2018-6124 high
CVE-2018-6125 unknown
CVE-2018-6126 high
CVE-2018-6127 high
CVE-2018-6128 warning
CVE-2018-6129 warning
CVE-2018-6130 warning
CVE-2018-6131 high
CVE-2018-6132 warning
CVE-2018-6133 warning
CVE-2018-6134 warning
CVE-2018-6135 warning
CVE-2018-6136 warning
CVE-2018-6137 warning
CVE-2018-6138 high
CVE-2018-6139 high
CVE-2018-6140 critical
CVE-2018-6141 high
CVE-2018-6142 warning
CVE-2018-6143 warning
CVE-2018-6144 high
CVE-2018-6145 warning
CVE-2018-6147 warning
Update to latest version.
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Cross site scripting. Exploitation of vulnerabilities with this impact can lead to partial interception of information transmitted between user and site.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
9 High
AI Score
Confidence
High
0.296 Low
EPSS
Percentile
96.9%