Unrated severityNVD Advisory· Published Jun 27, 2019· Updated Aug 5, 2024
CVE-2018-6118
CVE-2018-6118
Description
A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2
< 93.0.4577.82-1.1+ 1 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 66.0.3359.181-55.1
Patches
Vulnerability mechanics
References
2- chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop_26.htmlmitrex_refsource_MISC
- crbug.com/831963mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.