rpm package
suse/re2&distro=SUSE Package Hub 12 SP2
pkg:rpm/suse/re2&distro=SUSE%20Package%20Hub%2012%20SP2
Vulnerabilities (25)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-6033 | Hig | 8.8 | < 20180101-5.1 | 20180101-5.1 | Sep 25, 2018 | Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension. | |
| CVE-2018-6032 | Med | 6.5 | < 20180101-5.1 | 20180101-5.1 | Sep 25, 2018 | Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page. | |
| CVE-2018-6031 | Hig | 8.8 | < 20180101-5.1 | 20180101-5.1 | Sep 25, 2018 | Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |
| CVE-2017-15420 | Med | 6.5 | < 20180101-5.1 | 20180101-5.1 | Aug 28, 2018 | Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |
| CVE-2018-6406 | Hig | 8.8 | < 20180201-8.1 | 20180201-8.1 | Jan 30, 2018 | The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read an |
- affected < 20180101-5.1fixed 20180101-5.1
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.
- affected < 20180101-5.1fixed 20180101-5.1
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page.
- affected < 20180101-5.1fixed 20180101-5.1
Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- affected < 20180101-5.1fixed 20180101-5.1
Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
- affected < 20180201-8.1fixed 20180201-8.1
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read an
Page 2 of 2