Medium severity6.5NVD Advisory· Published Jun 27, 2019· Updated Jun 17, 2026
CVE-2018-6148
CVE-2018-6148
Description
Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.0%20NonFree
< 93.0.4577.82-1.1+ 1 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 54.0.2952.41-lp150.2.3.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.