vulnerability
Red Hat: CVE-2018-18351: Important: chromium-browser security update (RHSA-2018:3803)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Dec 10, 2018 | Dec 11, 2018 | Nov 8, 2023 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Dec 10, 2018
Added
Dec 11, 2018
Modified
Nov 8, 2023
Description
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.
Solutions
redhat-upgrade-chromium-browserredhat-upgrade-chromium-browser-debuginfo
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.