Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 12 SP2 package re2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (25)
CVE-2018-6035 — CVSS 8.8 (high): Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user…
CVE-2018-6031 — CVSS 8.8 (high): Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2018-6406 — CVSS 8.8 (high): The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data…
CVE-2018-6033 — CVSS 8.8 (high): Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary…
CVE-2018-6054 — CVSS 8.8 (high): Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2018-6043 — CVSS 8.8 (high): Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially…
CVE-2018-6034 — CVSS 8.1 (high): Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory…
CVE-2017-15420 — CVSS 6.5 (medium): Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to…
CVE-2018-6032 — CVSS 6.5 (medium): Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user…
CVE-2018-6036 — CVSS 6.5 (medium): Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a…
CVE-2018-6037 — CVSS 6.5 (medium): Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with…
CVE-2018-6038 — CVSS 6.5 (medium): Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via…
CVE-2018-6040 — CVSS 6.5 (medium): Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content…
CVE-2018-6045 — CVSS 6.5 (medium): Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user…
CVE-2018-6049 — CVSS 6.5 (medium): Incorrect security UI in permissions prompt in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the origin to which…
CVE-2018-6050 — CVSS 6.5 (medium): Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox…
CVE-2018-6039 — CVSS 6.1 (medium): Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user…
CVE-2018-6046 — CVSS 6.1 (medium): Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user…
CVE-2018-6041 — CVSS 4.3 (medium): Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox…
CVE-2018-6047 — CVSS 4.3 (medium): Insufficient policy enforcement in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user…
CVE-2018-6052 — CVSS 4.3 (medium): Lack of support for a non standard no-referrer policy value in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to…
CVE-2018-6042 — CVSS 4.3 (medium): Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox…
CVE-2018-6051 — CVSS 4.3 (medium): XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which…
CVE-2018-6048 — CVSS 4.3 (medium): Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer…
CVE-2018-6053 — CVSS 3.3 (low): Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail…