Vulnerability & Exploit Database

Google Chrome Vulnerability: CVE-2018-18350 Vulnerability

• Severity: 4
• Published: December 11, 2018

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Red Hat: CVE-2018-18350: Important: chromium-browser security update (RHSA-2018:3803) Vulnerability

• Severity: 4
• Published: December 10, 2018

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

SUSE: CVE-2018-18350: SUSE Linux Security Advisory Vulnerability

• Severity: 4
• Published: December 07, 2018

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Debian: CVE-2018-18350: chromium-browser -- security update Vulnerability

• Severity: 4
• Published: December 07, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-4352:

Several vulnerabilities have been discovered in the chromium web browser.

FreeBSD: VID-546D4DD4-10EA-11E9-B407-080027EF1A23 (CVE-2018-18350): chromium -- multiple vulnerabilities Vulnerability

• Severity: 4
• Published: December 04, 2018

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.