Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-6179

Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

Related bugs and status

CVE-2018-6179 (Candidate) is related to these bugs:

Bug #1772448: launcher script runs Python 2 despite checking for /usr/bin/python3

Summary				In	Importance	Status
	1772448	launcher script runs Python 2 despite checking for /usr/bin/python3		chromium-browser (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://crbug.com/816685
CONFIRM: https://chromereleases...
DEBIAN: DSA-4256
GENTOO: GLSA-201808-01
REDHAT: RHSA-2018:2282
BID: 104887