vulnerability
Red Hat: CVE-2018-6152: Important: chromium-browser security update (RHSA-2018:2282)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jul 24, 2018 | Jul 31, 2018 | Nov 8, 2023 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jul 24, 2018
Added
Jul 31, 2018
Modified
Nov 8, 2023
Description
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
Solutions
redhat-upgrade-chromium-browserredhat-upgrade-chromium-browser-debuginfo
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.