CVE-2018-4878: A malicious website could host a page with malicious content which if loaded by Chrome would cause it to access content past the end of the allocated buffer resulting in process crash. Google has assigned the following CVE identifiers for the issues fixed in this release. Details of the issues and CVSS scores can be found in the links.

CVE-2018-4857: A security flaw in Blink occurred when rendering malicious content could lead to unexpected behaviour or remote code execution.

CVE-2018-4858: An issue was discovered in PDFium. Malicious PDFium content could cause pdfium to crash when loaded.

CVE-2018-4859: An issue was discovered in the handling of saved password. Malicious code could be loaded as a saved password.

CVE-2018-4860: An issue was discovered in how the application handles redirects. Redirected requests can specify an unpatched target, resulting in information disclosure.

CVE-2018-4861: An issue was discovered in how the application handles redirects. Redirected requests can specify an unpatched target, resulting in information disclosure.

CVE-2018-4862: An issue was discovered in how the application handles redirects. Redirected requests can specify an unpatched target, resulting in information disclosure.

CVE-2018-4863: An issue was discovered in how the application handles redirects. Redirected requests

References !---

1. https://www.csoonline.com/article/3295147/6-reasons-why-digital-marketing-is-important
2. https://www.csoonline.com/article/3254428/CVE-2022-0978
3. https://www.csoonline.com/article/3263817/CVE-2018-4878

Supported Versions and Build Numbers

Chrome Version 67.0.3396.99
Build Number: Chrome 67.0.3396.99

Timeline

Published on: 07/22/2022 17:15:00 UTC
Last modified on: 08/15/2022 11:16:00 UTC

References