CVE-2018-6119
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
25/09/2018
Last modified:
17/06/2026
Description
Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 64.0.3282.119 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/105512
- https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html
- https://crbug.com/784761
- http://www.securityfocus.com/bid/105512
- https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html
- https://crbug.com/784761



