OPENSUSE-SU-2018:0313-1
Vulnerability from csaf_opensuse - Published: 2018-01-31 10:21 - Updated: 2018-01-31 10:21Summary
Security update for chromium
Severity
Important
Notes
Title of the patch: Security update for chromium
Description of the patch: This update for chromium to 64.0.3282.119 fixes several issues.
These security issues were fixed:
- CVE-2018-6031: Use after free in PDFium (boo#1077571)
- CVE-2018-6032: Same origin bypass in Shared Worker (boo#1077571)
- CVE-2018-6033: Race when opening downloaded files (boo#1077571)
- CVE-2018-6034: Integer overflow in Blink (boo#1077571)
- CVE-2018-6035: Insufficient isolation of devtools from extensions (boo#1077571)
- CVE-2018-6036: Integer underflow in WebAssembly (boo#1077571)
- CVE-2018-6037: Insufficient user gesture requirements in autofill (boo#1077571)
- CVE-2018-6038: Heap buffer overflow in WebGL (boo#1077571)
- CVE-2018-6039: XSS in DevTools (boo#1077571)
- CVE-2018-6040: Content security policy bypass (boo#1077571)
- CVE-2018-6041: URL spoof in Navigation (boo#1077571)
- CVE-2018-6042: URL spoof in OmniBox (boo#1077571)
- CVE-2018-6043: Insufficient escaping with external URL handlers (boo#1077571)
- CVE-2018-6045: Insufficient isolation of devtools from extensions (boo#1077571)
- CVE-2018-6046: Insufficient isolation of devtools from extensions (boo#1077571)
- CVE-2018-6047: Cross origin URL leak in WebGL (boo#1077571)
- CVE-2018-6048: Referrer policy bypass in Blink (boo#1077571)
- CVE-2017-15420: URL spoofing in Omnibox (boo#1077571)
- CVE-2018-6049: UI spoof in Permissions (boo#1077571)
- CVE-2018-6050: URL spoof in OmniBox (boo#1077571)
- CVE-2018-6051: Referrer leak in XSS Auditor (boo#1077571)
- CVE-2018-6052: Incomplete no-referrer policy implementation (boo#1077571)
- CVE-2018-6053: Leak of page thumbnails in New Tab Page (boo#1077571)
- CVE-2018-6054: Use after free in WebUI (boo#1077571)
Re was updated to version 2018-01-01 (boo#1073323)
Patchnames: openSUSE-2018-106
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium to 64.0.3282.119 fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2018-6031: Use after free in PDFium (boo#1077571)\n- CVE-2018-6032: Same origin bypass in Shared Worker (boo#1077571)\n- CVE-2018-6033: Race when opening downloaded files (boo#1077571)\n- CVE-2018-6034: Integer overflow in Blink (boo#1077571)\n- CVE-2018-6035: Insufficient isolation of devtools from extensions (boo#1077571)\n- CVE-2018-6036: Integer underflow in WebAssembly (boo#1077571)\n- CVE-2018-6037: Insufficient user gesture requirements in autofill (boo#1077571)\n- CVE-2018-6038: Heap buffer overflow in WebGL (boo#1077571)\n- CVE-2018-6039: XSS in DevTools (boo#1077571)\n- CVE-2018-6040: Content security policy bypass (boo#1077571)\n- CVE-2018-6041: URL spoof in Navigation (boo#1077571)\n- CVE-2018-6042: URL spoof in OmniBox (boo#1077571)\n- CVE-2018-6043: Insufficient escaping with external URL handlers (boo#1077571)\n- CVE-2018-6045: Insufficient isolation of devtools from extensions (boo#1077571)\n- CVE-2018-6046: Insufficient isolation of devtools from extensions (boo#1077571)\n- CVE-2018-6047: Cross origin URL leak in WebGL (boo#1077571)\n- CVE-2018-6048: Referrer policy bypass in Blink (boo#1077571)\n- CVE-2017-15420: URL spoofing in Omnibox (boo#1077571)\n- CVE-2018-6049: UI spoof in Permissions (boo#1077571)\n- CVE-2018-6050: URL spoof in OmniBox (boo#1077571)\n- CVE-2018-6051: Referrer leak in XSS Auditor (boo#1077571)\n- CVE-2018-6052: Incomplete no-referrer policy implementation (boo#1077571)\n- CVE-2018-6053: Leak of page thumbnails in New Tab Page (boo#1077571)\n- CVE-2018-6054: Use after free in WebUI (boo#1077571)\n\nRe was updated to version 2018-01-01 (boo#1073323) \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2018-106",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2018_0313-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2018:0313-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/73CJAOQ7VWKHQWOYUWLGMB37IYUP35O6/#73CJAOQ7VWKHQWOYUWLGMB37IYUP35O6"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2018:0313-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/73CJAOQ7VWKHQWOYUWLGMB37IYUP35O6/#73CJAOQ7VWKHQWOYUWLGMB37IYUP35O6"
},
{
"category": "self",
"summary": "SUSE Bug 1073323",
"url": "https://bugzilla.suse.com/1073323"
},
{
"category": "self",
"summary": "SUSE Bug 1077571",
"url": "https://bugzilla.suse.com/1077571"
},
{
"category": "self",
"summary": "SUSE Bug 1077722",
"url": "https://bugzilla.suse.com/1077722"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15420 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6031 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6033 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6034 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6035 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6036 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6037 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6038 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6039 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6040 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6041 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6042 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6043 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6045 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6046 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6047 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6048 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6049 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6050 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6051 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6052 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6053 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6054 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6054/"
}
],
"title": "Security update for chromium",
"tracking": {
"current_release_date": "2018-01-31T10:21:32Z",
"generator": {
"date": "2018-01-31T10:21:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2018:0313-1",
"initial_release_date": "2018-01-31T10:21:32Z",
"revision_history": [
{
"date": "2018-01-31T10:21:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20180101-5.1.aarch64",
"product": {
"name": "libre2-0-20180101-5.1.aarch64",
"product_id": "libre2-0-20180101-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "re2-devel-20180101-5.1.aarch64",
"product": {
"name": "re2-devel-20180101-5.1.aarch64",
"product_id": "re2-devel-20180101-5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20180101-5.1.ppc64le",
"product": {
"name": "libre2-0-20180101-5.1.ppc64le",
"product_id": "libre2-0-20180101-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "re2-devel-20180101-5.1.ppc64le",
"product": {
"name": "re2-devel-20180101-5.1.ppc64le",
"product_id": "re2-devel-20180101-5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20180101-5.1.s390x",
"product": {
"name": "libre2-0-20180101-5.1.s390x",
"product_id": "libre2-0-20180101-5.1.s390x"
}
},
{
"category": "product_version",
"name": "re2-devel-20180101-5.1.s390x",
"product": {
"name": "re2-devel-20180101-5.1.s390x",
"product_id": "re2-devel-20180101-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-64.0.3282.119-46.2.x86_64",
"product": {
"name": "chromedriver-64.0.3282.119-46.2.x86_64",
"product_id": "chromedriver-64.0.3282.119-46.2.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-64.0.3282.119-46.2.x86_64",
"product": {
"name": "chromium-64.0.3282.119-46.2.x86_64",
"product_id": "chromium-64.0.3282.119-46.2.x86_64"
}
},
{
"category": "product_version",
"name": "libre2-0-20180101-5.1.x86_64",
"product": {
"name": "libre2-0-20180101-5.1.x86_64",
"product_id": "libre2-0-20180101-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "re2-devel-20180101-5.1.x86_64",
"product": {
"name": "re2-devel-20180101-5.1.x86_64",
"product_id": "re2-devel-20180101-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 12",
"product": {
"name": "SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Package Hub 12 SP2",
"product": {
"name": "SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-64.0.3282.119-46.2.x86_64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64"
},
"product_reference": "chromedriver-64.0.3282.119-46.2.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-64.0.3282.119-46.2.x86_64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64"
},
"product_reference": "chromium-64.0.3282.119-46.2.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.aarch64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64"
},
"product_reference": "libre2-0-20180101-5.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.ppc64le as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le"
},
"product_reference": "libre2-0-20180101-5.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.s390x as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:libre2-0-20180101-5.1.s390x"
},
"product_reference": "libre2-0-20180101-5.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.x86_64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64"
},
"product_reference": "libre2-0-20180101-5.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.aarch64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64"
},
"product_reference": "re2-devel-20180101-5.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.ppc64le as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le"
},
"product_reference": "re2-devel-20180101-5.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.s390x as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:re2-devel-20180101-5.1.s390x"
},
"product_reference": "re2-devel-20180101-5.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.x86_64 as component of SUSE Package Hub 12",
"product_id": "SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
},
"product_reference": "re2-devel-20180101-5.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-64.0.3282.119-46.2.x86_64 as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64"
},
"product_reference": "chromedriver-64.0.3282.119-46.2.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-64.0.3282.119-46.2.x86_64 as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64"
},
"product_reference": "chromium-64.0.3282.119-46.2.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.aarch64 as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64"
},
"product_reference": "libre2-0-20180101-5.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.ppc64le as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le"
},
"product_reference": "libre2-0-20180101-5.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.s390x as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x"
},
"product_reference": "libre2-0-20180101-5.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20180101-5.1.x86_64 as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64"
},
"product_reference": "libre2-0-20180101-5.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.aarch64 as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64"
},
"product_reference": "re2-devel-20180101-5.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.ppc64le as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le"
},
"product_reference": "re2-devel-20180101-5.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.s390x as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x"
},
"product_reference": "re2-devel-20180101-5.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20180101-5.1.x86_64 as component of SUSE Package Hub 12 SP2",
"product_id": "SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64"
},
"product_reference": "re2-devel-20180101-5.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-15420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15420"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15420",
"url": "https://www.suse.com/security/cve/CVE-2017-15420"
},
{
"category": "external",
"summary": "SUSE Bug 1071691 for CVE-2017-15420",
"url": "https://bugzilla.suse.com/1071691"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2017-15420",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2017-15420"
},
{
"cve": "CVE-2018-6031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6031"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6031",
"url": "https://www.suse.com/security/cve/CVE-2018-6031"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6031",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "important"
}
],
"title": "CVE-2018-6031"
},
{
"cve": "CVE-2018-6032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6032"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6032",
"url": "https://www.suse.com/security/cve/CVE-2018-6032"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6032",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "important"
}
],
"title": "CVE-2018-6032"
},
{
"cve": "CVE-2018-6033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6033"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6033",
"url": "https://www.suse.com/security/cve/CVE-2018-6033"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6033",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "important"
}
],
"title": "CVE-2018-6033"
},
{
"cve": "CVE-2018-6034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6034"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6034",
"url": "https://www.suse.com/security/cve/CVE-2018-6034"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6034",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "important"
}
],
"title": "CVE-2018-6034"
},
{
"cve": "CVE-2018-6035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6035"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6035",
"url": "https://www.suse.com/security/cve/CVE-2018-6035"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6035",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "important"
}
],
"title": "CVE-2018-6035"
},
{
"cve": "CVE-2018-6036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6036"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6036",
"url": "https://www.suse.com/security/cve/CVE-2018-6036"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6036",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6036"
},
{
"cve": "CVE-2018-6037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6037"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6037",
"url": "https://www.suse.com/security/cve/CVE-2018-6037"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6037",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6037"
},
{
"cve": "CVE-2018-6038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6038"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6038",
"url": "https://www.suse.com/security/cve/CVE-2018-6038"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6038",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6038"
},
{
"cve": "CVE-2018-6039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6039"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6039",
"url": "https://www.suse.com/security/cve/CVE-2018-6039"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6039",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6039"
},
{
"cve": "CVE-2018-6040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6040"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6040",
"url": "https://www.suse.com/security/cve/CVE-2018-6040"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6040",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6040"
},
{
"cve": "CVE-2018-6041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6041"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6041",
"url": "https://www.suse.com/security/cve/CVE-2018-6041"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6041",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6041"
},
{
"cve": "CVE-2018-6042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6042"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6042",
"url": "https://www.suse.com/security/cve/CVE-2018-6042"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6042",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6042"
},
{
"cve": "CVE-2018-6043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6043"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6043",
"url": "https://www.suse.com/security/cve/CVE-2018-6043"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6043",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "important"
}
],
"title": "CVE-2018-6043"
},
{
"cve": "CVE-2018-6045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6045"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6045",
"url": "https://www.suse.com/security/cve/CVE-2018-6045"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6045",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6045"
},
{
"cve": "CVE-2018-6046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6046"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6046",
"url": "https://www.suse.com/security/cve/CVE-2018-6046"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6046",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6046"
},
{
"cve": "CVE-2018-6047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6047"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user redirect URL via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6047",
"url": "https://www.suse.com/security/cve/CVE-2018-6047"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6047",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6047"
},
{
"cve": "CVE-2018-6048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6048"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer information via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6048",
"url": "https://www.suse.com/security/cve/CVE-2018-6048"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6048",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6048"
},
{
"cve": "CVE-2018-6049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6049"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in permissions prompt in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the origin to which permission is granted via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6049",
"url": "https://www.suse.com/security/cve/CVE-2018-6049"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6049",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6049"
},
{
"cve": "CVE-2018-6050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6050"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6050",
"url": "https://www.suse.com/security/cve/CVE-2018-6050"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6050",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6050"
},
{
"cve": "CVE-2018-6051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6051"
}
],
"notes": [
{
"category": "general",
"text": "XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6051",
"url": "https://www.suse.com/security/cve/CVE-2018-6051"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6051",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6051"
},
{
"cve": "CVE-2018-6052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6052"
}
],
"notes": [
{
"category": "general",
"text": "Lack of support for a non standard no-referrer policy value in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain referrer details from a web page that had thought it had opted out of sending referrer data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6052",
"url": "https://www.suse.com/security/cve/CVE-2018-6052"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6052",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6052"
},
{
"cve": "CVE-2018-6053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6053"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail images after clearing browser data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6053",
"url": "https://www.suse.com/security/cve/CVE-2018-6053"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6053",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "moderate"
}
],
"title": "CVE-2018-6053"
},
{
"cve": "CVE-2018-6054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6054"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6054",
"url": "https://www.suse.com/security/cve/CVE-2018-6054"
},
{
"category": "external",
"summary": "SUSE Bug 1077571 for CVE-2018-6054",
"url": "https://bugzilla.suse.com/1077571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Package Hub 12 SP2:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12 SP2:re2-devel-20180101-5.1.x86_64",
"SUSE Package Hub 12:chromedriver-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:chromium-64.0.3282.119-46.2.x86_64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.aarch64",
"SUSE Package Hub 12:libre2-0-20180101-5.1.ppc64le",
"SUSE Package Hub 12:libre2-0-20180101-5.1.s390x",
"SUSE Package Hub 12:libre2-0-20180101-5.1.x86_64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.aarch64",
"SUSE Package Hub 12:re2-devel-20180101-5.1.ppc64le",
"SUSE Package Hub 12:re2-devel-20180101-5.1.s390x",
"SUSE Package Hub 12:re2-devel-20180101-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-01-31T10:21:32Z",
"details": "important"
}
],
"title": "CVE-2018-6054"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…