RHSA-2018:0484
Vulnerability from csaf_redhat - Published: 2018-03-12 18:21 - Updated: 2026-01-08 11:27Summary
Red Hat Security Advisory: chromium-browser security update
Notes
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 65.0.3325.146.
Security Fix(es):
* chromium-browser: incorrect permissions on shared memory (CVE-2018-6057)
* chromium-browser: use-after-free in blink (CVE-2018-6060)
* chromium-browser: race condition in v8 (CVE-2018-6061)
* chromium-browser: heap buffer overflow in skia (CVE-2018-6062)
* chromium-browser: incorrect permissions on shared memory (CVE-2018-6063)
* chromium-browser: type confusion in v8 (CVE-2018-6064)
* chromium-browser: integer overflow in v8 (CVE-2018-6065)
* chromium-browser: same origin bypass via canvas (CVE-2018-6066)
* chromium-browser: buffer overflow in skia (CVE-2018-6067)
* chromium-browser: stack buffer overflow in skia (CVE-2018-6069)
* chromium-browser: csp bypass through extensions (CVE-2018-6070)
* chromium-browser: heap bufffer overflow in skia (CVE-2018-6071)
* chromium-browser: integer overflow in pdfium (CVE-2018-6072)
* chromium-browser: heap bufffer overflow in webgl (CVE-2018-6073)
* chromium-browser: mark-of-the-web bypass (CVE-2018-6074)
* chromium-browser: overly permissive cross origin downloads (CVE-2018-6075)
* chromium-browser: incorrect handling of url fragment identifiers in blink (CVE-2018-6076)
* chromium-browser: timing attack using svg filters (CVE-2018-6077)
* chromium-browser: url spoof in omnibox (CVE-2018-6078)
* chromium-browser: information disclosure via texture data in webgl (CVE-2018-6079)
* chromium-browser: information disclosure in ipc call (CVE-2018-6080)
* chromium-browser: xss in interstitials (CVE-2018-6081)
* chromium-browser: circumvention of port blocking (CVE-2018-6082)
* chromium-browser: incorrect processing of appmanifests (CVE-2018-6083)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 65.0.3325.146.\n\nSecurity Fix(es):\n\n* chromium-browser: incorrect permissions on shared memory (CVE-2018-6057)\n\n* chromium-browser: use-after-free in blink (CVE-2018-6060)\n\n* chromium-browser: race condition in v8 (CVE-2018-6061)\n\n* chromium-browser: heap buffer overflow in skia (CVE-2018-6062)\n\n* chromium-browser: incorrect permissions on shared memory (CVE-2018-6063)\n\n* chromium-browser: type confusion in v8 (CVE-2018-6064)\n\n* chromium-browser: integer overflow in v8 (CVE-2018-6065)\n\n* chromium-browser: same origin bypass via canvas (CVE-2018-6066)\n\n* chromium-browser: buffer overflow in skia (CVE-2018-6067)\n\n* chromium-browser: stack buffer overflow in skia (CVE-2018-6069)\n\n* chromium-browser: csp bypass through extensions (CVE-2018-6070)\n\n* chromium-browser: heap bufffer overflow in skia (CVE-2018-6071)\n\n* chromium-browser: integer overflow in pdfium (CVE-2018-6072)\n\n* chromium-browser: heap bufffer overflow in webgl (CVE-2018-6073)\n\n* chromium-browser: mark-of-the-web bypass (CVE-2018-6074)\n\n* chromium-browser: overly permissive cross origin downloads (CVE-2018-6075)\n\n* chromium-browser: incorrect handling of url fragment identifiers in blink (CVE-2018-6076)\n\n* chromium-browser: timing attack using svg filters (CVE-2018-6077)\n\n* chromium-browser: url spoof in omnibox (CVE-2018-6078)\n\n* chromium-browser: information disclosure via texture data in webgl (CVE-2018-6079)\n\n* chromium-browser: information disclosure in ipc call (CVE-2018-6080)\n\n* chromium-browser: xss in interstitials (CVE-2018-6081)\n\n* chromium-browser: circumvention of port blocking (CVE-2018-6082)\n\n* chromium-browser: incorrect processing of appmanifests (CVE-2018-6083)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0484",
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1552476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552476"
},
{
"category": "external",
"summary": "1552477",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552477"
},
{
"category": "external",
"summary": "1552478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552478"
},
{
"category": "external",
"summary": "1552479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552479"
},
{
"category": "external",
"summary": "1552480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552480"
},
{
"category": "external",
"summary": "1552481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552481"
},
{
"category": "external",
"summary": "1552482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552482"
},
{
"category": "external",
"summary": "1552483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552483"
},
{
"category": "external",
"summary": "1552484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552484"
},
{
"category": "external",
"summary": "1552486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552486"
},
{
"category": "external",
"summary": "1552487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552487"
},
{
"category": "external",
"summary": "1552488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552488"
},
{
"category": "external",
"summary": "1552489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552489"
},
{
"category": "external",
"summary": "1552490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552490"
},
{
"category": "external",
"summary": "1552491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552491"
},
{
"category": "external",
"summary": "1552492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552492"
},
{
"category": "external",
"summary": "1552493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552493"
},
{
"category": "external",
"summary": "1552494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552494"
},
{
"category": "external",
"summary": "1552495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552495"
},
{
"category": "external",
"summary": "1552496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552496"
},
{
"category": "external",
"summary": "1552497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552497"
},
{
"category": "external",
"summary": "1552498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552498"
},
{
"category": "external",
"summary": "1552499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552499"
},
{
"category": "external",
"summary": "1552500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552500"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0484.json"
}
],
"title": "Red Hat Security Advisory: chromium-browser security update",
"tracking": {
"current_release_date": "2026-01-08T11:27:23+00:00",
"generator": {
"date": "2026-01-08T11:27:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.14"
}
},
"id": "RHSA-2018:0484",
"initial_release_date": "2018-03-12T18:21:28+00:00",
"revision_history": [
{
"date": "2018-03-12T18:21:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-12T18:21:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-08T11:27:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"product": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"product_id": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser@65.0.3325.146-2.el6_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"product": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"product_id": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser-debuginfo@65.0.3325.146-2.el6_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"product": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"product_id": "chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser@65.0.3325.146-2.el6_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"product": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"product_id": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser-debuginfo@65.0.3325.146-2.el6_9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686"
},
"product_reference": "chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64"
},
"product_reference": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686"
},
"product_reference": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
},
"product_reference": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686"
},
"product_reference": "chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64"
},
"product_reference": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686"
},
"product_reference": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
},
"product_reference": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686"
},
"product_reference": "chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64"
},
"product_reference": "chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686"
},
"product_reference": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
},
"product_reference": "chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-6057",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552479"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: incorrect permissions on shared memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6057"
},
{
"category": "external",
"summary": "RHBZ#1552479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6057",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6057"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6057",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6057"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: incorrect permissions on shared memory"
},
{
"cve": "CVE-2018-6060",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552476"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: use-after-free in blink",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6060"
},
{
"category": "external",
"summary": "RHBZ#1552476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6060",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6060"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: use-after-free in blink"
},
{
"cve": "CVE-2018-6061",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552477"
}
],
"notes": [
{
"category": "description",
"text": "A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: race condition in v8",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6061"
},
{
"category": "external",
"summary": "RHBZ#1552477",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552477"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6061",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6061"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6061",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6061"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: race condition in v8"
},
{
"cve": "CVE-2018-6062",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552478"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: heap buffer overflow in skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6062"
},
{
"category": "external",
"summary": "RHBZ#1552478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552478"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6062",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6062"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6062",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6062"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: heap buffer overflow in skia"
},
{
"cve": "CVE-2018-6063",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552480"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: incorrect permissions on shared memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6063"
},
{
"category": "external",
"summary": "RHBZ#1552480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6063",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6063"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: incorrect permissions on shared memory"
},
{
"cve": "CVE-2018-6064",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552481"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: type confusion in v8",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6064"
},
{
"category": "external",
"summary": "RHBZ#1552481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6064"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6064",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6064"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: type confusion in v8"
},
{
"cve": "CVE-2018-6065",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552482"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: integer overflow in v8",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6065"
},
{
"category": "external",
"summary": "RHBZ#1552482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6065",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6065"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-08T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: integer overflow in v8"
},
{
"cve": "CVE-2018-6066",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552483"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: same origin bypass via canvas",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6066"
},
{
"category": "external",
"summary": "RHBZ#1552483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6066",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6066"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6066",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6066"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: same origin bypass via canvas"
},
{
"cve": "CVE-2018-6067",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552484"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: buffer overflow in skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6067"
},
{
"category": "external",
"summary": "RHBZ#1552484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6067",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6067"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: buffer overflow in skia"
},
{
"cve": "CVE-2018-6069",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552486"
}
],
"notes": [
{
"category": "description",
"text": "Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: stack buffer overflow in skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6069"
},
{
"category": "external",
"summary": "RHBZ#1552486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552486"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6069"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: stack buffer overflow in skia"
},
{
"cve": "CVE-2018-6070",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552487"
}
],
"notes": [
{
"category": "description",
"text": "Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: csp bypass through extensions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6070"
},
{
"category": "external",
"summary": "RHBZ#1552487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6070",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6070"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6070",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6070"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: csp bypass through extensions"
},
{
"cve": "CVE-2018-6071",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552488"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: heap bufffer overflow in skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6071"
},
{
"category": "external",
"summary": "RHBZ#1552488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6071",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6071"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6071",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6071"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: heap bufffer overflow in skia"
},
{
"cve": "CVE-2018-6072",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552489"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: integer overflow in pdfium",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6072"
},
{
"category": "external",
"summary": "RHBZ#1552489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6072",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6072"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6072",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6072"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: integer overflow in pdfium"
},
{
"cve": "CVE-2018-6073",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552490"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: heap bufffer overflow in webgl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6073"
},
{
"category": "external",
"summary": "RHBZ#1552490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6073"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6073",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6073"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: heap bufffer overflow in webgl"
},
{
"cve": "CVE-2018-6074",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552491"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: mark-of-the-web bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6074"
},
{
"category": "external",
"summary": "RHBZ#1552491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552491"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6074"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: mark-of-the-web bypass"
},
{
"cve": "CVE-2018-6075",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552492"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: overly permissive cross origin downloads",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6075"
},
{
"category": "external",
"summary": "RHBZ#1552492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6075"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: overly permissive cross origin downloads"
},
{
"cve": "CVE-2018-6076",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552493"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: incorrect handling of url fragment identifiers in blink",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6076"
},
{
"category": "external",
"summary": "RHBZ#1552493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6076"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6076",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6076"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: incorrect handling of url fragment identifiers in blink"
},
{
"cve": "CVE-2018-6077",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552494"
}
],
"notes": [
{
"category": "description",
"text": "Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: timing attack using svg filters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6077"
},
{
"category": "external",
"summary": "RHBZ#1552494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6077"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6077",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6077"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: timing attack using svg filters"
},
{
"cve": "CVE-2018-6078",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552495"
}
],
"notes": [
{
"category": "description",
"text": "Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: url spoof in omnibox",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6078"
},
{
"category": "external",
"summary": "RHBZ#1552495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6078"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6078",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6078"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: url spoof in omnibox"
},
{
"cve": "CVE-2018-6079",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552496"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: information disclosure via texture data in webgl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6079"
},
{
"category": "external",
"summary": "RHBZ#1552496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6079"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: information disclosure via texture data in webgl"
},
{
"cve": "CVE-2018-6080",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552497"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: information disclosure in ipc call",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6080"
},
{
"category": "external",
"summary": "RHBZ#1552497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6080",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6080"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6080",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6080"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: information disclosure in ipc call"
},
{
"cve": "CVE-2018-6081",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552498"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: xss in interstitials",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6081"
},
{
"category": "external",
"summary": "RHBZ#1552498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552498"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6081",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6081"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: xss in interstitials"
},
{
"cve": "CVE-2018-6082",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552499"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: circumvention of port blocking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6082"
},
{
"category": "external",
"summary": "RHBZ#1552499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6082",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6082"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6082",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6082"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: circumvention of port blocking"
},
{
"cve": "CVE-2018-6083",
"discovery_date": "2018-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1552500"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: incorrect processing of appmanifests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6083"
},
{
"category": "external",
"summary": "RHBZ#1552500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6083",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6083"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
}
],
"release_date": "2018-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-12T18:21:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-0:65.0.3325.146-2.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.i686",
"6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:65.0.3325.146-2.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: incorrect processing of appmanifests"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…