vulnerability

Debian: CVE-2018-20071: chromium-browser -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Jan 9, 2019	Feb 25, 2019	Mar 30, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Jan 9, 2019

Added

Feb 25, 2019

Modified

Mar 30, 2026

Description

Insufficiently strict origin checks during JIT payment app installation in Payments in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to install a service worker for a domain that can host attacker controled files via a crafted HTML page.

Solution

debian-upgrade-chromium-browser

References

CVE-2018-20071
https://attackerkb.com/topics/CVE-2018-20071
CWE-79
DEBIAN-DSA-4330-1
EUVD-EUVD-2018-12646
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-12646

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today