VYPR
Medium severity6.5NVD Advisory· Published Jun 27, 2019· Updated Jun 17, 2026

CVE-2018-6150

CVE-2018-6150

Description

Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Affected products

2
  • Google/Chromellm-fuzzy2 versions
    <66.0.3359.117+ 1 more
    • (no CPE)range: <66.0.3359.117
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.