Unrated severityNVD Advisory· Published Dec 11, 2018· Updated Aug 5, 2024
CVE-2018-18358
CVE-2018-18358
Description
Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2
< 93.0.4577.82-1.1+ 1 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 71.0.3578.98-80.1
Patches
Vulnerability mechanics
References
6- access.redhat.com/errata/RHSA-2018:3803mitrevendor-advisoryx_refsource_REDHAT
- security.gentoo.org/glsa/201908-18mitrevendor-advisoryx_refsource_GENTOO
- www.debian.org/security/2018/dsa-4352mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/106084mitrevdb-entryx_refsource_BID
- chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.htmlmitrex_refsource_CONFIRM
- crbug.com/899126mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.