Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-6118 Ned Williamson discovered a use-after-free issue. CVE-2018-6120 Zhou Aiting discovered a buffer overflow issue in the pdfium library. CVE-2018-6121 It was discovered that malicious extensions could escalate privileges. CVE-2018-6122 A type confusion issue was discovered in the v8 javascript library. CVE-2018-6123 Looben Yang discovered a use-after-free issue. CVE-2018-6124 Guang Gong discovered a type confusion issue. CVE-2018-6125 Yubico discovered that the WebUSB implementation was too permissive. CVE-2018-6126 Ivan Fratric discovered a buffer overflow issue in the skia library. CVE-2018-6127 Looben Yang discovered a use-after-free issue. CVE-2018-6129 Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC. CVE-2018-6130 Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC. CVE-2018-6131 Natalie Silvanovich discovered an error in WebAssembly. CVE-2018-6132 Ronald E. Crane discovered an uninitialized memory issue. CVE-2018-6133 Khalil Zhani discovered a URL spoofing issue. CVE-2018-6134 Jun Kokatsu discovered a way to bypass the Referrer Policy. CVE-2018-6135 Jasper Rebane discovered a user interface spoofing issue. CVE-2018-6136 Peter Wong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2018-6137 Michael Smith discovered an information leak. CVE-2018-6138 François Lajeunesse-Robert discovered that the extensions policy was too permissive. CVE-2018-6139 Rob Wu discovered a way to bypass restrictions in the debugger extension. CVE-2018-6140 Rob Wu discovered a way to bypass restrictions in the debugger extension. CVE-2018-6141 Yangkang discovered a buffer overflow issue in the skia library. CVE-2018-6142 Choongwoo Han discovered an out-of-bounds read in the v8 javascript library. CVE-2018-6143 Guang Gong discovered an out-of-bounds read in the v8 javascript library. CVE-2018-6144 pdknsk discovered an out-of-bounds read in the pdfium library. CVE-2018-6145 Masato Kinugawa discovered an error in the MathML implementation. CVE-2018-6147 Michail Pishchagin discovered an error in password entry fields. CVE-2018-6148 Michał Bentkowski discovered that the Content Security Policy header was handled incorrectly. CVE-2018-6149 Yu Zhou and Jundong Xie discovered an out-of-bounds write issue in the v8 javascript library. For the stable distribution (stretch), these problems have been fixed in version 67.0.3396.87-1~deb9u1. We recommend that you upgrade your chromium-browser packages. For the detailed security status of chromium-browser please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium-browser
Several vulnerabilities have been discovered in the chromium web browser.
Ned Williamson discovered a use-after-free issue.
Zhou Aiting discovered a buffer overflow issue in the pdfium library.
It was discovered that malicious extensions could escalate privileges.
A type confusion issue was discovered in the v8 javascript library.
Looben Yang discovered a use-after-free issue.
Guang Gong discovered a type confusion issue.
Yubico discovered that the WebUSB implementation was too permissive.
Ivan Fratric discovered a buffer overflow issue in the skia library.
Looben Yang discovered a use-after-free issue.
Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.
Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.
Natalie Silvanovich discovered an error in WebAssembly.
Ronald E. Crane discovered an uninitialized memory issue.
Khalil Zhani discovered a URL spoofing issue.
Jun Kokatsu discovered a way to bypass the Referrer Policy.
Jasper Rebane discovered a user interface spoofing issue.
Peter Wong discovered an out-of-bounds read issue in the v8 javascript library.
Michael Smith discovered an information leak.
François Lajeunesse-Robert discovered that the extensions policy was too permissive.
Rob Wu discovered a way to bypass restrictions in the debugger extension.
Rob Wu discovered a way to bypass restrictions in the debugger extension.
Yangkang discovered a buffer overflow issue in the skia library.
Choongwoo Han discovered an out-of-bounds read in the v8 javascript library.
Guang Gong discovered an out-of-bounds read in the v8 javascript library.
pdknsk discovered an out-of-bounds read in the pdfium library.
Masato Kinugawa discovered an error in the MathML implementation.
Michail Pishchagin discovered an error in password entry fields.
Michał Bentkowski discovered that the Content Security Policy header was handled incorrectly.
Yu Zhou and Jundong Xie discovered an out-of-bounds write issue in the v8 javascript library.
For the stable distribution (stretch), these problems have been fixed in version 67.0.3396.87-1~deb9u1.
We recommend that you upgrade your chromium-browser packages.
For the detailed security status of chromium-browser please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium-browser