Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2018:3803
HistoryDec 10, 2018 - 10:22 a.m.

(RHSA-2018:3803) Important: chromium-browser security update

2018-12-1010:22:08
access.redhat.com
97

0.867 High

EPSS

Percentile

98.6%

JSON

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 71.0.3578.80.

Security Fix(es):

  • chromium-browser: Out of bounds write in V8 (CVE-2018-17480)

  • chromium-browser: Use after frees in PDFium (CVE-2018-17481)

  • chromium-browser: Heap buffer overflow in Skia (CVE-2018-18335)

  • chromium-browser: Use after free in PDFium (CVE-2018-18336)

  • chromium-browser: Use after free in Blink (CVE-2018-18337)

  • chromium-browser: Heap buffer overflow in Canvas (CVE-2018-18338)

  • chromium-browser: Use after free in WebAudio (CVE-2018-18339)

  • chromium-browser: Use after free in MediaRecorder (CVE-2018-18340)

  • chromium-browser: Heap buffer overflow in Blink (CVE-2018-18341)

  • chromium-browser: Out of bounds write in V8 (CVE-2018-18342)

  • chromium-browser: Use after free in Skia (CVE-2018-18343)

  • chromium-browser: Inappropriate implementation in Extensions (CVE-2018-18344)

  • chromium-browser: Inappropriate implementation in Site Isolation (CVE-2018-18345)

  • chromium-browser: Incorrect security UI in Blink (CVE-2018-18346)

  • chromium-browser: Inappropriate implementation in Navigation (CVE-2018-18347)

  • chromium-browser: Inappropriate implementation in Omnibox (CVE-2018-18348)

  • chromium-browser: Insufficient policy enforcement in Blink (CVE-2018-18349)

  • chromium-browser: Insufficient policy enforcement in Blink (CVE-2018-18350)

  • chromium-browser: Insufficient policy enforcement in Navigation (CVE-2018-18351)

  • chromium-browser: Inappropriate implementation in Media (CVE-2018-18352)

  • chromium-browser: Inappropriate implementation in Network Authentication (CVE-2018-18353)

  • chromium-browser: Insufficient data validation in Shell Integration (CVE-2018-18354)

  • chromium-browser: Insufficient policy enforcement in URL Formatter (CVE-2018-18355)

  • chromium-browser: Use after free in Skia (CVE-2018-18356)

  • chromium-browser: Insufficient policy enforcement in URL Formatter (CVE-2018-18357)

  • chromium-browser: Insufficient policy enforcement in Proxy (CVE-2018-18358)

  • chromium-browser: Out of bounds read in V8 (CVE-2018-18359)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Related

suse 6
nessus 21
openvas 17
freebsd 1
kaspersky 4
debian 2
fedora 2
archlinux 2
chrome 2
osv 1
threatpost 1
gentoo 1
mozilla 2
altlinux 2
slackware 2
mageia 1
cve 18
cvelist 16
veracode 17
nvd 17
redhatcve 17
debiancve 14
prion 14
ubuntucve 17
attackerkb 1
alpinelinux 1
suse
suse
Security update for Chromium (important)
2018-12-15 15:08:49
Security update for Chromium (important)
2018-12-08 15:14:53
Security update for Chromium (important)
2018-12-15 15:09:21
nessus
nessus
openSUSE Security Update : Chromium (openSUSE-2018-1557)
2018-12-17 00:00:00
openSUSE Security Update : Chromium (openSUSE-2018-1521)
2018-12-10 00:00:00
Google Chrome < 71.0.3578.80 Multiple Vulnerabilities
2018-12-10 00:00:00
openvas
openvas
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:4142-1)
2018-12-18 00:00:00
Fedora Update for chromium FEDORA-2019-348547a32d
2019-01-16 00:00:00
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:4142-1)
2018-12-18 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2018-12-04 00:00:00
kaspersky
kaspersky
KLA11379 Multiple vulnerabilities in Google Chrome
2018-12-04 00:00:00
KLA11734 Multiple vulnerabilities in Opera
2018-12-12 00:00:00
KLA11425 Multiple vulnerabilities in Mozilla Thunderbird
2019-02-14 00:00:00
debian
debian
[SECURITY] [DSA 4352-1] chromium-browser security update
2018-12-08 01:45:46
[SECURITY] [DSA 4352-1] chromium-browser security update
2018-12-08 01:45:46
fedora
fedora
[SECURITY] Fedora 29 Update: chromium-71.0.3578.98-1.fc29
2019-01-05 02:32:22
[SECURITY] Fedora 28 Update: chromium-71.0.3578.98-1.fc28
2019-01-16 01:43:05
archlinux
archlinux
[ASA-201812-2] chromium: multiple issues
2018-12-08 00:00:00
[ASA-201902-23] thunderbird: multiple issues
2019-02-20 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2018-12-04 00:00:00
Stable Channel Update for Desktop
2018-12-12 00:00:00
osv
osv
chromium-browser - security update
2018-12-07 00:00:00
threatpost
threatpost
Google Chrome 71 Touts 43 Fixes, Fights Ad Abuse
2018-12-05 04:34:29
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2019-08-15 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 60.5.1 — Mozilla
2019-02-12 00:00:00
Security vulnerabilities fixed in Thunderbird 60.5.1 — Mozilla
2019-02-14 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.5.1-alt1
2019-02-15 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 60.5.1-alt1
2019-02-15 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2019-02-14 00:00:16
[slackware-security] mozilla-thunderbird
2019-02-15 00:52:46
mageia
mageia
Updated thunderbird packages fix security vulnerability
2019-02-17 20:17:45
cve
cve
CVE-2018-18347
2018-12-11 16:29:01
CVE-2018-18350
2018-12-11 16:29:01
CVE-2018-18354
2018-12-11 16:29:01
cvelist
cvelist
CVE-2018-18336
2018-12-11 15:00:00
CVE-2018-18338
2018-12-11 15:00:00
CVE-2018-18341
2018-12-11 15:00:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 04:45:30
Same-Origin Policy Bypass
2020-12-06 04:44:19
Authorization Bypass
2020-12-06 04:44:35
nvd
nvd
CVE-2018-18337
2018-12-11 16:29:00
CVE-2018-18351
2018-12-11 16:29:01
CVE-2018-18343
2018-12-11 16:29:01
redhatcve
redhatcve
CVE-2018-18340
2018-12-05 19:00:59
CVE-2018-18351
2018-12-05 18:52:07
CVE-2018-18352
2018-12-05 18:52:47
debiancve
debiancve
CVE-2018-18343
2018-12-11 16:29:01
CVE-2018-18340
2018-12-11 16:29:01
CVE-2018-18357
2018-12-11 16:29:02
prion
prion
Design/Logic Flaw
2018-12-11 16:29:00
Design/Logic Flaw
2018-12-11 16:29:00
Design/Logic Flaw
2018-12-11 16:29:00
ubuntucve
ubuntucve
CVE-2018-18355
2018-12-11 00:00:00
CVE-2018-18345
2018-12-11 00:00:00
CVE-2018-18358
2018-12-11 00:00:00
attackerkb
attackerkb
CVE-2018-17480
2018-12-11 00:00:00
alpinelinux
alpinelinux
CVE-2018-18335
2018-12-11 16:29:00

0.867 High

EPSS

Percentile

98.6%

JSON
Related for RHSA-2018:3803
suse6nessus21openvas17freebsd1kaspersky4debian2fedora2archlinux2chrome2osv1threatpost1gentoo1mozilla2altlinux2slackware2mageia1cve18cvelist16veracode17nvd17redhatcve17debiancve14prion14ubuntucve17attackerkb1alpinelinux1