admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix version for Chrome 66

Browse Source
This commit is contained in:
Andrew R. Whalley 2019-01-07 18:12:23 -08:00
parent 07efd449a3
commit d227eaaf0e
No known key found for this signature in database
GPG Key ID: 451F3570E2469166
36 changed files with 72 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2018/6xxx/CVE-2018-6084.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.106 allowed a local attacker to execute arbitrary code via an executable file." "value": "Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6085.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code via a crafted HTML page." "value" : "Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6086.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code via a crafted HTML page." "value" : "A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6087.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page." "value" : "A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6088.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file." "value" : "An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6089.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page." "value" : "A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6090.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page." "value" : "An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6091.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to leak cross-origin data via a crafted HTML page." "value": "Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6092.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page." "value" : "An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6093.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to leak cross-origin data via a crafted HTML page." "value": "Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6094.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." "value" : "Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6095.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to read local files via a crafted HTML page." "value" : "Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6096.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to obscure the full screen warning via a crafted HTML page." "value": "A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6097.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.106 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page." "value": "Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6098.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name." "value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6099.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page." "value" : "A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6100.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.106 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name." "value": "Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6101.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server." "value" : "A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6102.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name." "value" : "Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6103.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to bypass permission policy via a crafted HTML page." "value" : "A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6104.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name." "value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6105.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name." "value" : "Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6106.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.106 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page." "value": "An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6107.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name." "value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6108.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page." "value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6109.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page." "value": "readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6110.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page." "value": "Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6111.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.106 allowed a local attacker to execute arbitrary code via a crafted HTML page." "value": "An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6112.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page." "value": "Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6113.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.106 allowed a remote attacker to perform domain spoofing via a crafted HTML page." "value": "Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6114.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to bypass content security policy via a crafted HTML page." "value": "Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6115.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page." "value" : "Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6116.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page." "value" : "A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
} }
] ]
}, },

4
2018/6xxx/CVE-2018-6117.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Confusing settings in Autofill in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." "value": "Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6151.json
View File

@ -18,7 +18,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "66.0.3359.106", "version_value": "66.0.3359.117",
"version_affected": "<" "version_affected": "<"
} }
] ]
@ -56,7 +56,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.106 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension." "value": "Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension."
} }
] ]
} }

4
2018/6xxx/CVE-2018-6152.json
View File

@ -16,7 +16,7 @@
"version_data" : [ "version_data" : [
{ {
"version_affected" : "<", "version_affected" : "<",
"version_value" : "66.0.3359.106" "version_value" : "66.0.3359.117"
} }
] ]
} }
@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.106 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction." "value" : "The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction."
} }
] ]
}, },