CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 0CVE-2018-6106 – chromium-browser: Incorrect handling of promises in V8
https://notcve.org/view.php?id=CVE-2018-6106
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page. Un generador asíncrono podría devolver un estado incorrecto en V8 en Google Chrome, en versiones anteriores a la 66.0.3359.117, lo que permite que un atacante remoto explote una corrupción de objetos mediante una página HTML manipulada. Google Chrome V8 Await methods call ResolveNativePromise which calls InternalResolvePromise which can invoke a user JavaScript code through a "then" getter. If the AwaitedPromise is replaced by the user script, the AwaitedPromise will be immediately overwritten after the call to Await, this may lead the generator to an incorrect state. • http://www.securityfocus.com/bid/103917 https://access.redhat.com/errata/RHSA-2018:1195 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/805729 https://security.gentoo.org/glsa/201804-22 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6106 https://bugzilla.redhat.com/show_bug.cgi?id=1568786 • CWE-19: Data Processing Errors •
CVSS: 8.8EPSS: 8%CPEs: 6EXPL: 0CVE-2018-6090 – chromium-browser: Heap buffer overflow in Skia
https://notcve.org/view.php?id=CVE-2018-6090
An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en Skia en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto ejecutase código arbitrario dentro de un sandbox mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103917 https://access.redhat.com/errata/RHSA-2018:1195 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/820913 https://security.gentoo.org/glsa/201804-22 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6090 https://bugzilla.redhat.com/show_bug.cgi?id=1568766 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2018-6091 – chromium-browser: Incorrect handling of plug-ins by Service Worker
https://notcve.org/view.php?id=CVE-2018-6091
Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Los trabajadores del servicio (Service Workers) pueden interceptar cualquier petición realizada por las etiquetas o en la API Fetch en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitían que un atacante remoto filtrase datos cross-origin mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103917 https://access.redhat.com/errata/RHSA-2018:1195 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/771933 https://security.gentoo.org/glsa/201804-22 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6091 https://bugzilla.redhat.com/show_bug.cgi?id=1568767 • CWE-19: Data Processing Errors •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-6103 – chromium-browser: UI spoof in Permissions
https://notcve.org/view.php?id=CVE-2018-6103
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page. Un mensaje de permisos estancado en Prompts en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto omitiese las políticas de permisos mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103917 https://access.redhat.com/errata/RHSA-2018:1195 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/816033 https://security.gentoo.org/glsa/201804-22 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6103 https://bugzilla.redhat.com/show_bug.cgi?id=1568781 •
CVSS: 7.5EPSS: 11%CPEs: 6EXPL: 0CVE-2018-6101 – chromium-browser: Insufficient protection of remote debugging prototol in DevTools
https://notcve.org/view.php?id=CVE-2018-6101
A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server. La falta de validación del host en DevTools en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto ejecutase código arbitrario mediante una página HTML manipulada si el usuario está ejecutando un servidor de depuración DevTools remoto. • http://www.securityfocus.com/bid/103917 https://access.redhat.com/errata/RHSA-2018:1195 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/813540 https://security.gentoo.org/glsa/201804-22 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6101 https://bugzilla.redhat.com/show_bug.cgi?id=1568779 • CWE-20: Improper Input Validation •