Google Chrome vulnerabilities

CVE-2018-18353 [MEDIUM] CVE-2018-18353: Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on And Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page.

CVE-2018-18352 [MEDIUM] CWE-732 CVE-2018-18352: Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prio Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page.

CVE-2018-18351 [MEDIUM] CWE-20 CVE-2018-18351: Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google C Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.

CVE-2018-18349 [MEDIUM] CWE-732 CVE-2018-18349: Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prio Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

CVE-2018-18344 [MEDIUM] CWE-269 CVE-2018-18344: Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension.

CVE-2018-18346 [MEDIUM] CVE-2018-18346: Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a re Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page.

CVE-2018-6152 [CRITICAL] CWE-434 CVE-2018-6152: The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as s The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.

CVE-2018-6086 [HIGH] CWE-416 CVE-2018-6086: A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cach A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

CVE-2018-6101 [HIGH] CWE-20 CVE-2018-6101: A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attac A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.

CVE-2018-6087 [HIGH] CWE-416 CVE-2018-6087: A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2018-6088 [HIGH] CWE-20 CVE-2018-6088: An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote atta An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.

CVE-2018-6090 [HIGH] CWE-190 CVE-2018-6090: An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359. An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2018-6094 [HIGH] CWE-787 CVE-2018-6094: Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attack Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2018-6092 [HIGH] CWE-190 CVE-2018-6092: An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2018-6085 [HIGH] CWE-416 CVE-2018-6085: Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

CVE-2018-6115 [MEDIUM] CWE-20 CVE-2018-6115: Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66 Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page.

CVE-2018-6098 [MEDIUM] CVE-2018-6098: Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

CVE-2018-6099 [MEDIUM] CWE-200 CVE-2018-6099: A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.

CVE-2018-6116 [MEDIUM] CWE-476 CVE-2018-6116: A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attack A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

CVE-2018-6095 [MEDIUM] CWE-200 CVE-2018-6095: Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.33 Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.