{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for Chromium","title":"Title of the patch"},{"category":"description","text":"This update for Chromium to version 66.0.3359.181 fixes the following issues:\n\n- CVE-2018-6118: Use after free in Media Cache (bsc#1091288)\n- CVE-2018-6085: Use after free in Disk Cache\n- CVE-2018-6086: Use after free in Disk Cache\n- CVE-2018-6087: Use after free in WebAssembly\n- CVE-2018-6088: Use after free in PDFium\n- CVE-2018-6089: Same origin policy bypass in Service Worker\n- CVE-2018-6090: Heap buffer overflow in Skia\n- CVE-2018-6091: Incorrect handling of plug-ins by Service Worker\n- CVE-2018-6092: Integer overflow in WebAssembly\n- CVE-2018-6093: Same origin bypass in Service Worker\n- CVE-2018-6094: Exploit hardening regression in Oilpan\n- CVE-2018-6095: Lack of meaningful user interaction requirement before file upload\n- CVE-2018-6096: Fullscreen UI spoof\n- CVE-2018-6097: Fullscreen UI spoof\n- CVE-2018-6098: URL spoof in Omnibox\n- CVE-2018-6099: CORS bypass in ServiceWorker\n- CVE-2018-6100: URL spoof in Omnibox\n- CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools \n- CVE-2018-6102: URL spoof in Omnibox\n- CVE-2018-6103: UI spoof in Permissions\n- CVE-2018-6104: URL spoof in Omnibox\n- CVE-2018-6105: URL spoof in Omnibox\n- CVE-2018-6106: Incorrect handling of promises in V8\n- CVE-2018-6107: URL spoof in Omnibox\n- CVE-2018-6108: URL spoof in Omnibox\n- CVE-2018-6109: Incorrect handling of files by FileAPI\n- CVE-2018-6110: Incorrect handling of plaintext files via file:// \n- CVE-2018-6111: Heap-use-after-free in DevTools\n- CVE-2018-6112: Incorrect URL handling in DevTools\n- CVE-2018-6113: URL spoof in Navigation\n- CVE-2018-6114: CSP bypass\n- CVE-2018-6115: SmartScreen bypass in downloads\n- CVE-2018-6116: Incorrect low memory handling in WebAssembly\n- CVE-2018-6117: Confusing autofill settings\n- CVE-2017-11215: Use after free in Flash\n- CVE-2017-11225: Use after free in Flash\n- CVE-2018-6060: Use after free in Blink\n- CVE-2018-6061: Race condition in V8\n- CVE-2018-6062: Heap buffer overflow in Skia\n- CVE-2018-6057: Incorrect permissions on shared memory\n- CVE-2018-6063: Incorrect permissions on shared memory\n- CVE-2018-6064: Type confusion in V8\n- CVE-2018-6065: Integer overflow in V8\n- CVE-2018-6066: Same Origin Bypass via canvas\n- CVE-2018-6067: Buffer overflow in Skia\n- CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab\n- CVE-2018-6069: Stack buffer overflow in Skia\n- CVE-2018-6070: CSP bypass through extensions\n- CVE-2018-6071: Heap bufffer overflow in Skia\n- CVE-2018-6072: Integer overflow in PDFium\n- CVE-2018-6073: Heap bufffer overflow in WebGL\n- CVE-2018-6074: Mark-of-the-Web bypass\n- CVE-2018-6075: Overly permissive cross origin downloads\n- CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink\n- CVE-2018-6077: Timing attack using SVG filters\n- CVE-2018-6078: URL Spoof in OmniBox\n- CVE-2018-6079: Information disclosure via texture data in WebGL\n- CVE-2018-6080: Information disclosure in IPC call\n- CVE-2018-6081: XSS in interstitials\n- CVE-2018-6082: Circumvention of port blocking\n- CVE-2018-6083: Incorrect processing of AppManifests\n- CVE-2018-6121: Privilege Escalation in extensions\n- CVE-2018-6122: Type confusion in V8\n- CVE-2018-6120: Heap buffer overflow in PDFium    \n- bsc#1086124: Various fixes from internal audits, fuzzing and other initiatives\n\nThis update also supports mitigation against the Spectre vulnerabilities:\n\n'Strict site isolation' is disabled for most users and can be turned on via:\nchrome://flags/#enable-site-per-process\n\nThis feature is undergoing a small percentage trial. Out out of the trial is possible via:\nchrome://flags/#site-isolation-trial-opt-out\n\n    \nThe following tracked packaging bug were fixed:\n\n- Chromium could not be installed from SUSE PackageHub 12 without having the SDK enabled (bsc#1070421)\n- Chromium could not be installed when libminizip1 was not available (bsc#1093031)\n","title":"Description of the patch"},{"category":"details","text":"openSUSE-2018-436","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2018_1437-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2018:1437-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2DBOODMITDSXVHCJIIPL7JVX44YVOERP/#2DBOODMITDSXVHCJIIPL7JVX44YVOERP"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2018:1437-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2DBOODMITDSXVHCJIIPL7JVX44YVOERP/#2DBOODMITDSXVHCJIIPL7JVX44YVOERP"},{"category":"self","summary":"SUSE Bug 1084296","url":"https://bugzilla.suse.com/1084296"},{"category":"self","summary":"SUSE Bug 1086124","url":"https://bugzilla.suse.com/1086124"},{"category":"self","summary":"SUSE Bug 1090000","url":"https://bugzilla.suse.com/1090000"},{"category":"self","summary":"SUSE Bug 1091288","url":"https://bugzilla.suse.com/1091288"},{"category":"self","summary":"SUSE Bug 1092272","url":"https://bugzilla.suse.com/1092272"},{"category":"self","summary":"SUSE Bug 1092923","url":"https://bugzilla.suse.com/1092923"},{"category":"self","summary":"SUSE Bug 1093031","url":"https://bugzilla.suse.com/1093031"},{"category":"self","summary":"SUSE CVE CVE-2017-11215 page","url":"https://www.suse.com/security/cve/CVE-2017-11215/"},{"category":"self","summary":"SUSE CVE CVE-2017-11225 page","url":"https://www.suse.com/security/cve/CVE-2017-11225/"},{"category":"self","summary":"SUSE CVE CVE-2018-6057 page","url":"https://www.suse.com/security/cve/CVE-2018-6057/"},{"category":"self","summary":"SUSE CVE CVE-2018-6060 page","url":"https://www.suse.com/security/cve/CVE-2018-6060/"},{"category":"self","summary":"SUSE CVE CVE-2018-6061 page","url":"https://www.suse.com/security/cve/CVE-2018-6061/"},{"category":"self","summary":"SUSE CVE CVE-2018-6062 page","url":"https://www.suse.com/security/cve/CVE-2018-6062/"},{"category":"self","summary":"SUSE CVE CVE-2018-6063 page","url":"https://www.suse.com/security/cve/CVE-2018-6063/"},{"category":"self","summary":"SUSE CVE CVE-2018-6064 page","url":"https://www.suse.com/security/cve/CVE-2018-6064/"},{"category":"self","summary":"SUSE CVE CVE-2018-6065 page","url":"https://www.suse.com/security/cve/CVE-2018-6065/"},{"category":"self","summary":"SUSE CVE CVE-2018-6066 page","url":"https://www.suse.com/security/cve/CVE-2018-6066/"},{"category":"self","summary":"SUSE CVE CVE-2018-6067 page","url":"https://www.suse.com/security/cve/CVE-2018-6067/"},{"category":"self","summary":"SUSE CVE CVE-2018-6068 page","url":"https://www.suse.com/security/cve/CVE-2018-6068/"},{"category":"self","summary":"SUSE CVE CVE-2018-6069 page","url":"https://www.suse.com/security/cve/CVE-2018-6069/"},{"category":"self","summary":"SUSE CVE CVE-2018-6070 page","url":"https://www.suse.com/security/cve/CVE-2018-6070/"},{"category":"self","summary":"SUSE CVE CVE-2018-6071 page","url":"https://www.suse.com/security/cve/CVE-2018-6071/"},{"category":"self","summary":"SUSE CVE CVE-2018-6072 page","url":"https://www.suse.com/security/cve/CVE-2018-6072/"},{"category":"self","summary":"SUSE CVE CVE-2018-6073 page","url":"https://www.suse.com/security/cve/CVE-2018-6073/"},{"category":"self","summary":"SUSE CVE CVE-2018-6074 page","url":"https://www.suse.com/security/cve/CVE-2018-6074/"},{"category":"self","summary":"SUSE CVE CVE-2018-6075 page","url":"https://www.suse.com/security/cve/CVE-2018-6075/"},{"category":"self","summary":"SUSE CVE CVE-2018-6076 page","url":"https://www.suse.com/security/cve/CVE-2018-6076/"},{"category":"self","summary":"SUSE CVE CVE-2018-6077 page","url":"https://www.suse.com/security/cve/CVE-2018-6077/"},{"category":"self","summary":"SUSE CVE CVE-2018-6078 page","url":"https://www.suse.com/security/cve/CVE-2018-6078/"},{"category":"self","summary":"SUSE CVE CVE-2018-6079 page","url":"https://www.suse.com/security/cve/CVE-2018-6079/"},{"category":"self","summary":"SUSE CVE CVE-2018-6080 page","url":"https://www.suse.com/security/cve/CVE-2018-6080/"},{"category":"self","summary":"SUSE CVE CVE-2018-6081 page","url":"https://www.suse.com/security/cve/CVE-2018-6081/"},{"category":"self","summary":"SUSE CVE CVE-2018-6082 page","url":"https://www.suse.com/security/cve/CVE-2018-6082/"},{"category":"self","summary":"SUSE CVE CVE-2018-6083 page","url":"https://www.suse.com/security/cve/CVE-2018-6083/"},{"category":"self","summary":"SUSE CVE CVE-2018-6085 page","url":"https://www.suse.com/security/cve/CVE-2018-6085/"},{"category":"self","summary":"SUSE CVE CVE-2018-6086 page","url":"https://www.suse.com/security/cve/CVE-2018-6086/"},{"category":"self","summary":"SUSE CVE CVE-2018-6087 page","url":"https://www.suse.com/security/cve/CVE-2018-6087/"},{"category":"self","summary":"SUSE CVE CVE-2018-6088 page","url":"https://www.suse.com/security/cve/CVE-2018-6088/"},{"category":"self","summary":"SUSE CVE CVE-2018-6089 page","url":"https://www.suse.com/security/cve/CVE-2018-6089/"},{"category":"self","summary":"SUSE CVE CVE-2018-6090 page","url":"https://www.suse.com/security/cve/CVE-2018-6090/"},{"category":"self","summary":"SUSE CVE CVE-2018-6091 page","url":"https://www.suse.com/security/cve/CVE-2018-6091/"},{"category":"self","summary":"SUSE CVE CVE-2018-6092 page","url":"https://www.suse.com/security/cve/CVE-2018-6092/"},{"category":"self","summary":"SUSE CVE CVE-2018-6093 page","url":"https://www.suse.com/security/cve/CVE-2018-6093/"},{"category":"self","summary":"SUSE CVE CVE-2018-6094 page","url":"https://www.suse.com/security/cve/CVE-2018-6094/"},{"category":"self","summary":"SUSE CVE CVE-2018-6095 page","url":"https://www.suse.com/security/cve/CVE-2018-6095/"},{"category":"self","summary":"SUSE CVE CVE-2018-6096 page","url":"https://www.suse.com/security/cve/CVE-2018-6096/"},{"category":"self","summary":"SUSE CVE CVE-2018-6097 page","url":"https://www.suse.com/security/cve/CVE-2018-6097/"},{"category":"self","summary":"SUSE CVE CVE-2018-6098 page","url":"https://www.suse.com/security/cve/CVE-2018-6098/"},{"category":"self","summary":"SUSE CVE CVE-2018-6099 page","url":"https://www.suse.com/security/cve/CVE-2018-6099/"},{"category":"self","summary":"SUSE CVE CVE-2018-6100 page","url":"https://www.suse.com/security/cve/CVE-2018-6100/"},{"category":"self","summary":"SUSE CVE CVE-2018-6101 page","url":"https://www.suse.com/security/cve/CVE-2018-6101/"},{"category":"self","summary":"SUSE CVE CVE-2018-6102 page","url":"https://www.suse.com/security/cve/CVE-2018-6102/"},{"category":"self","summary":"SUSE CVE CVE-2018-6103 page","url":"https://www.suse.com/security/cve/CVE-2018-6103/"},{"category":"self","summary":"SUSE CVE CVE-2018-6104 page","url":"https://www.suse.com/security/cve/CVE-2018-6104/"},{"category":"self","summary":"SUSE CVE CVE-2018-6105 page","url":"https://www.suse.com/security/cve/CVE-2018-6105/"},{"category":"self","summary":"SUSE CVE CVE-2018-6106 page","url":"https://www.suse.com/security/cve/CVE-2018-6106/"},{"category":"self","summary":"SUSE CVE CVE-2018-6107 page","url":"https://www.suse.com/security/cve/CVE-2018-6107/"},{"category":"self","summary":"SUSE CVE CVE-2018-6108 page","url":"https://www.suse.com/security/cve/CVE-2018-6108/"},{"category":"self","summary":"SUSE CVE CVE-2018-6109 page","url":"https://www.suse.com/security/cve/CVE-2018-6109/"},{"category":"self","summary":"SUSE CVE CVE-2018-6110 page","url":"https://www.suse.com/security/cve/CVE-2018-6110/"},{"category":"self","summary":"SUSE CVE CVE-2018-6111 page","url":"https://www.suse.com/security/cve/CVE-2018-6111/"},{"category":"self","summary":"SUSE CVE CVE-2018-6112 page","url":"https://www.suse.com/security/cve/CVE-2018-6112/"},{"category":"self","summary":"SUSE CVE CVE-2018-6113 page","url":"https://www.suse.com/security/cve/CVE-2018-6113/"},{"category":"self","summary":"SUSE CVE CVE-2018-6114 page","url":"https://www.suse.com/security/cve/CVE-2018-6114/"},{"category":"self","summary":"SUSE CVE CVE-2018-6115 page","url":"https://www.suse.com/security/cve/CVE-2018-6115/"},{"category":"self","summary":"SUSE CVE CVE-2018-6116 page","url":"https://www.suse.com/security/cve/CVE-2018-6116/"},{"category":"self","summary":"SUSE CVE CVE-2018-6117 page","url":"https://www.suse.com/security/cve/CVE-2018-6117/"},{"category":"self","summary":"SUSE CVE CVE-2018-6118 page","url":"https://www.suse.com/security/cve/CVE-2018-6118/"},{"category":"self","summary":"SUSE CVE CVE-2018-6120 page","url":"https://www.suse.com/security/cve/CVE-2018-6120/"},{"category":"self","summary":"SUSE CVE CVE-2018-6121 page","url":"https://www.suse.com/security/cve/CVE-2018-6121/"},{"category":"self","summary":"SUSE CVE CVE-2018-6122 page","url":"https://www.suse.com/security/cve/CVE-2018-6122/"}],"title":"Security update for Chromium","tracking":{"current_release_date":"2018-05-27T11:26:33Z","generator":{"date":"2018-05-27T11:26:33Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2018:1437-1","initial_release_date":"2018-05-27T11:26:33Z","revision_history":[{"date":"2018-05-27T11:26:33Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"chromedriver-66.0.3359.181-55.1.aarch64","product":{"name":"chromedriver-66.0.3359.181-55.1.aarch64","product_id":"chromedriver-66.0.3359.181-55.1.aarch64"}},{"category":"product_version","name":"chromium-66.0.3359.181-55.1.aarch64","product":{"name":"chromium-66.0.3359.181-55.1.aarch64","product_id":"chromium-66.0.3359.181-55.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"chromedriver-66.0.3359.181-55.1.x86_64","product":{"name":"chromedriver-66.0.3359.181-55.1.x86_64","product_id":"chromedriver-66.0.3359.181-55.1.x86_64"}},{"category":"product_version","name":"chromium-66.0.3359.181-55.1.x86_64","product":{"name":"chromium-66.0.3359.181-55.1.x86_64","product_id":"chromium-66.0.3359.181-55.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Package Hub 12 SP2","product":{"name":"SUSE Package Hub 12 SP2","product_id":"SUSE Package Hub 12 SP2","product_identification_helper":{"cpe":"cpe:/o:suse:packagehub:12:sp2"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"chromedriver-66.0.3359.181-55.1.aarch64 as component of SUSE Package Hub 12 SP2","product_id":"SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64"},"product_reference":"chromedriver-66.0.3359.181-55.1.aarch64","relates_to_product_reference":"SUSE Package Hub 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"chromedriver-66.0.3359.181-55.1.x86_64 as component of SUSE Package Hub 12 SP2","product_id":"SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64"},"product_reference":"chromedriver-66.0.3359.181-55.1.x86_64","relates_to_product_reference":"SUSE Package Hub 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"chromium-66.0.3359.181-55.1.aarch64 as component of SUSE Package Hub 12 SP2","product_id":"SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64"},"product_reference":"chromium-66.0.3359.181-55.1.aarch64","relates_to_product_reference":"SUSE Package Hub 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"chromium-66.0.3359.181-55.1.x86_64 as component of SUSE Package Hub 12 SP2","product_id":"SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"},"product_reference":"chromium-66.0.3359.181-55.1.x86_64","relates_to_product_reference":"SUSE Package Hub 12 SP2"}]},"vulnerabilities":[{"cve":"CVE-2017-11215","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-11215"}],"notes":[{"category":"general","text":"An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-11215","url":"https://www.suse.com/security/cve/CVE-2017-11215"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2017-11215","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"critical"}],"title":"CVE-2017-11215"},{"cve":"CVE-2017-11225","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-11225"}],"notes":[{"category":"general","text":"An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-11225","url":"https://www.suse.com/security/cve/CVE-2017-11225"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2017-11225","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"critical"}],"title":"CVE-2017-11225"},{"cve":"CVE-2018-6057","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6057"}],"notes":[{"category":"general","text":"Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6057","url":"https://www.suse.com/security/cve/CVE-2018-6057"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6057","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6057"},{"cve":"CVE-2018-6060","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6060"}],"notes":[{"category":"general","text":"Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6060","url":"https://www.suse.com/security/cve/CVE-2018-6060"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6060","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6060"},{"cve":"CVE-2018-6061","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6061"}],"notes":[{"category":"general","text":"A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6061","url":"https://www.suse.com/security/cve/CVE-2018-6061"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6061","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6061"},{"cve":"CVE-2018-6062","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6062"}],"notes":[{"category":"general","text":"Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6062","url":"https://www.suse.com/security/cve/CVE-2018-6062"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6062","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6062"},{"cve":"CVE-2018-6063","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6063"}],"notes":[{"category":"general","text":"Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6063","url":"https://www.suse.com/security/cve/CVE-2018-6063"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6063","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6063"},{"cve":"CVE-2018-6064","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6064"}],"notes":[{"category":"general","text":"Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6064","url":"https://www.suse.com/security/cve/CVE-2018-6064"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6064","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6064"},{"cve":"CVE-2018-6065","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6065"}],"notes":[{"category":"general","text":"Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6065","url":"https://www.suse.com/security/cve/CVE-2018-6065"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6065","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6065"},{"cve":"CVE-2018-6066","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6066"}],"notes":[{"category":"general","text":"Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6066","url":"https://www.suse.com/security/cve/CVE-2018-6066"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6066","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6066"},{"cve":"CVE-2018-6067","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6067"}],"notes":[{"category":"general","text":"Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6067","url":"https://www.suse.com/security/cve/CVE-2018-6067"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6067","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6067"},{"cve":"CVE-2018-6068","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6068"}],"notes":[{"category":"general","text":"Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6068","url":"https://www.suse.com/security/cve/CVE-2018-6068"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6068","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6068"},{"cve":"CVE-2018-6069","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6069"}],"notes":[{"category":"general","text":"Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6069","url":"https://www.suse.com/security/cve/CVE-2018-6069"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6069","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6069"},{"cve":"CVE-2018-6070","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6070"}],"notes":[{"category":"general","text":"Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6070","url":"https://www.suse.com/security/cve/CVE-2018-6070"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6070","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6070"},{"cve":"CVE-2018-6071","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6071"}],"notes":[{"category":"general","text":"An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6071","url":"https://www.suse.com/security/cve/CVE-2018-6071"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6071","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6071"},{"cve":"CVE-2018-6072","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6072"}],"notes":[{"category":"general","text":"An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6072","url":"https://www.suse.com/security/cve/CVE-2018-6072"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6072","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6072"},{"cve":"CVE-2018-6073","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6073"}],"notes":[{"category":"general","text":"A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6073","url":"https://www.suse.com/security/cve/CVE-2018-6073"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6073","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6073"},{"cve":"CVE-2018-6074","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6074"}],"notes":[{"category":"general","text":"Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6074","url":"https://www.suse.com/security/cve/CVE-2018-6074"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6074","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6074"},{"cve":"CVE-2018-6075","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6075"}],"notes":[{"category":"general","text":"Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6075","url":"https://www.suse.com/security/cve/CVE-2018-6075"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6075","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6075"},{"cve":"CVE-2018-6076","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6076"}],"notes":[{"category":"general","text":"Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6076","url":"https://www.suse.com/security/cve/CVE-2018-6076"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6076","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6076"},{"cve":"CVE-2018-6077","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6077"}],"notes":[{"category":"general","text":"Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6077","url":"https://www.suse.com/security/cve/CVE-2018-6077"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6077","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6077"},{"cve":"CVE-2018-6078","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6078"}],"notes":[{"category":"general","text":"Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6078","url":"https://www.suse.com/security/cve/CVE-2018-6078"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6078","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6078"},{"cve":"CVE-2018-6079","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6079"}],"notes":[{"category":"general","text":"Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data between tabs in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6079","url":"https://www.suse.com/security/cve/CVE-2018-6079"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6079","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6079"},{"cve":"CVE-2018-6080","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6080"}],"notes":[{"category":"general","text":"Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes .","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6080","url":"https://www.suse.com/security/cve/CVE-2018-6080"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6080","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6080"},{"cve":"CVE-2018-6081","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6081"}],"notes":[{"category":"general","text":"XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6081","url":"https://www.suse.com/security/cve/CVE-2018-6081"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6081","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6081"},{"cve":"CVE-2018-6082","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6082"}],"notes":[{"category":"general","text":"Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6082","url":"https://www.suse.com/security/cve/CVE-2018-6082"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6082","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6082"},{"cve":"CVE-2018-6083","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6083"}],"notes":[{"category":"general","text":"Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6083","url":"https://www.suse.com/security/cve/CVE-2018-6083"},{"category":"external","summary":"SUSE Bug 1084296 for CVE-2018-6083","url":"https://bugzilla.suse.com/1084296"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6083"},{"cve":"CVE-2018-6085","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6085"}],"notes":[{"category":"general","text":"Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6085","url":"https://www.suse.com/security/cve/CVE-2018-6085"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6085","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6085"},{"cve":"CVE-2018-6086","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6086"}],"notes":[{"category":"general","text":"A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6086","url":"https://www.suse.com/security/cve/CVE-2018-6086"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6086","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6086"},{"cve":"CVE-2018-6087","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6087"}],"notes":[{"category":"general","text":"A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6087","url":"https://www.suse.com/security/cve/CVE-2018-6087"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6087","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6087"},{"cve":"CVE-2018-6088","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6088"}],"notes":[{"category":"general","text":"An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6088","url":"https://www.suse.com/security/cve/CVE-2018-6088"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6088","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6088"},{"cve":"CVE-2018-6089","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6089"}],"notes":[{"category":"general","text":"A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6089","url":"https://www.suse.com/security/cve/CVE-2018-6089"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6089","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6089"},{"cve":"CVE-2018-6090","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6090"}],"notes":[{"category":"general","text":"An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6090","url":"https://www.suse.com/security/cve/CVE-2018-6090"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6090","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6090"},{"cve":"CVE-2018-6091","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6091"}],"notes":[{"category":"general","text":"Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6091","url":"https://www.suse.com/security/cve/CVE-2018-6091"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6091","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6091"},{"cve":"CVE-2018-6092","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6092"}],"notes":[{"category":"general","text":"An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6092","url":"https://www.suse.com/security/cve/CVE-2018-6092"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6092","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6092"},{"cve":"CVE-2018-6093","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6093"}],"notes":[{"category":"general","text":"Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6093","url":"https://www.suse.com/security/cve/CVE-2018-6093"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6093","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6093"},{"cve":"CVE-2018-6094","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6094"}],"notes":[{"category":"general","text":"Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6094","url":"https://www.suse.com/security/cve/CVE-2018-6094"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6094","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6094"},{"cve":"CVE-2018-6095","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6095"}],"notes":[{"category":"general","text":"Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6095","url":"https://www.suse.com/security/cve/CVE-2018-6095"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6095","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6095"},{"cve":"CVE-2018-6096","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6096"}],"notes":[{"category":"general","text":"A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6096","url":"https://www.suse.com/security/cve/CVE-2018-6096"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6096","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6096"},{"cve":"CVE-2018-6097","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6097"}],"notes":[{"category":"general","text":"Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6097","url":"https://www.suse.com/security/cve/CVE-2018-6097"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6097","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6097"},{"cve":"CVE-2018-6098","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6098"}],"notes":[{"category":"general","text":"Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6098","url":"https://www.suse.com/security/cve/CVE-2018-6098"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6098","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6098"},{"cve":"CVE-2018-6099","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6099"}],"notes":[{"category":"general","text":"A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6099","url":"https://www.suse.com/security/cve/CVE-2018-6099"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6099","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6099"},{"cve":"CVE-2018-6100","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6100"}],"notes":[{"category":"general","text":"Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6100","url":"https://www.suse.com/security/cve/CVE-2018-6100"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6100","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6100"},{"cve":"CVE-2018-6101","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6101"}],"notes":[{"category":"general","text":"A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6101","url":"https://www.suse.com/security/cve/CVE-2018-6101"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6101","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6101"},{"cve":"CVE-2018-6102","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6102"}],"notes":[{"category":"general","text":"Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6102","url":"https://www.suse.com/security/cve/CVE-2018-6102"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6102","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6102"},{"cve":"CVE-2018-6103","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6103"}],"notes":[{"category":"general","text":"A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6103","url":"https://www.suse.com/security/cve/CVE-2018-6103"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6103","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6103"},{"cve":"CVE-2018-6104","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6104"}],"notes":[{"category":"general","text":"Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6104","url":"https://www.suse.com/security/cve/CVE-2018-6104"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6104","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6104"},{"cve":"CVE-2018-6105","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6105"}],"notes":[{"category":"general","text":"Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6105","url":"https://www.suse.com/security/cve/CVE-2018-6105"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6105","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6105"},{"cve":"CVE-2018-6106","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6106"}],"notes":[{"category":"general","text":"An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6106","url":"https://www.suse.com/security/cve/CVE-2018-6106"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6106","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6106"},{"cve":"CVE-2018-6107","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6107"}],"notes":[{"category":"general","text":"Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6107","url":"https://www.suse.com/security/cve/CVE-2018-6107"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6107","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6107"},{"cve":"CVE-2018-6108","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6108"}],"notes":[{"category":"general","text":"Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6108","url":"https://www.suse.com/security/cve/CVE-2018-6108"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6108","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6108"},{"cve":"CVE-2018-6109","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6109"}],"notes":[{"category":"general","text":"readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6109","url":"https://www.suse.com/security/cve/CVE-2018-6109"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6109","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6109"},{"cve":"CVE-2018-6110","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6110"}],"notes":[{"category":"general","text":"Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6110","url":"https://www.suse.com/security/cve/CVE-2018-6110"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6110","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6110"},{"cve":"CVE-2018-6111","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6111"}],"notes":[{"category":"general","text":"An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6111","url":"https://www.suse.com/security/cve/CVE-2018-6111"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6111","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6111"},{"cve":"CVE-2018-6112","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6112"}],"notes":[{"category":"general","text":"Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6112","url":"https://www.suse.com/security/cve/CVE-2018-6112"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6112","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6112"},{"cve":"CVE-2018-6113","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6113"}],"notes":[{"category":"general","text":"Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6113","url":"https://www.suse.com/security/cve/CVE-2018-6113"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6113","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6113"},{"cve":"CVE-2018-6114","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6114"}],"notes":[{"category":"general","text":"Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6114","url":"https://www.suse.com/security/cve/CVE-2018-6114"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6114","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6114"},{"cve":"CVE-2018-6115","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6115"}],"notes":[{"category":"general","text":"Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6115","url":"https://www.suse.com/security/cve/CVE-2018-6115"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6115","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6115"},{"cve":"CVE-2018-6116","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6116"}],"notes":[{"category":"general","text":"A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6116","url":"https://www.suse.com/security/cve/CVE-2018-6116"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6116","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6116"},{"cve":"CVE-2018-6117","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6117"}],"notes":[{"category":"general","text":"Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6117","url":"https://www.suse.com/security/cve/CVE-2018-6117"},{"category":"external","summary":"SUSE Bug 1090000 for CVE-2018-6117","url":"https://bugzilla.suse.com/1090000"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6117"},{"cve":"CVE-2018-6118","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6118"}],"notes":[{"category":"general","text":"A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6118","url":"https://www.suse.com/security/cve/CVE-2018-6118"},{"category":"external","summary":"SUSE Bug 1091288 for CVE-2018-6118","url":"https://bugzilla.suse.com/1091288"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"important"}],"title":"CVE-2018-6118"},{"cve":"CVE-2018-6120","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6120"}],"notes":[{"category":"general","text":"An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6120","url":"https://www.suse.com/security/cve/CVE-2018-6120"},{"category":"external","summary":"SUSE Bug 1092923 for CVE-2018-6120","url":"https://bugzilla.suse.com/1092923"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6120"},{"cve":"CVE-2018-6121","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6121"}],"notes":[{"category":"general","text":"Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6121","url":"https://www.suse.com/security/cve/CVE-2018-6121"},{"category":"external","summary":"SUSE Bug 1092923 for CVE-2018-6121","url":"https://bugzilla.suse.com/1092923"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6121"},{"cve":"CVE-2018-6122","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6122"}],"notes":[{"category":"general","text":"Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6122","url":"https://www.suse.com/security/cve/CVE-2018-6122"},{"category":"external","summary":"SUSE Bug 1092923 for CVE-2018-6122","url":"https://bugzilla.suse.com/1092923"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.8,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromedriver-66.0.3359.181-55.1.x86_64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.aarch64","SUSE Package Hub 12 SP2:chromium-66.0.3359.181-55.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-05-27T11:26:33Z","details":"moderate"}],"title":"CVE-2018-6122"}]}