Unrated severityNVD Advisory· Published Jun 27, 2019· Updated Aug 5, 2024

CVE-2018-6118

Description

A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.

Affected products

osv-coords
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2
Range: < 66.0.3359.181-55.1
Google/Chromev5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop_26.htmlmitrex_refsource_MISC
crbug.com/831963mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000