{
  "document" : {
    "aggregate_severity" : {
      "text" : "hoch"
    },
    "category" : "csaf_base",
    "csaf_version" : "2.0",
    "distribution" : {
      "tlp" : {
        "label" : "WHITE",
        "url" : "https://www.first.org/tlp/"
      }
    },
    "lang" : "de-DE",
    "notes" : [ {
      "category" : "legal_disclaimer",
      "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen."
    }, {
      "category" : "description",
      "text" : "Chrome ist ein Internet-Browser von Google.",
      "title" : "Produktbeschreibung"
    }, {
      "category" : "summary",
      "text" : "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Chrome ausnutzen, um Informationen einzusehen, Sicherheitsmechanismen zu umgehen, Daten zu manipulieren, einen Denial of Service herbeizuführen oder Code mit den Privilegien des Angegriffenen zur Ausführung zu bringen.",
      "title" : "Angriff"
    }, {
      "category" : "general",
      "text" : "- Linux\n- MacOS X\n- Windows",
      "title" : "Betroffene Betriebssysteme"
    } ],
    "publisher" : {
      "category" : "other",
      "contact_details" : "csaf-provider@cert-bund.de",
      "name" : "Bundesamt für Sicherheit in der Informationstechnik",
      "namespace" : "https://www.bsi.bund.de"
    },
    "references" : [ {
      "category" : "self",
      "summary" : "WID-SEC-W-2025-2406 - CSAF Version",
      "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2025-2406.json"
    }, {
      "category" : "self",
      "summary" : "WID-SEC-2025-2406 - Portal Version",
      "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2406"
    }, {
      "category" : "external",
      "summary" : "https://chromereleases.googleblog.com/ vom 2017-12-06",
      "url" : "https://chromereleases.googleblog.com/"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2017:3401 vom 2017-12-07",
      "url" : "https://access.redhat.com/errata/RHSA-2017:3401"
    }, {
      "category" : "external",
      "summary" : "Debian Security Advisory DSA-4064 vom 2017-12-12",
      "url" : "https://www.debian.org/security/2017/dsa-4064"
    }, {
      "category" : "external",
      "summary" : "Ubuntu Security Notice USN-3513-1 vom 2017-12-13",
      "url" : "http://www.ubuntu.com/usn/usn-3513-1/"
    }, {
      "category" : "external",
      "summary" : "Ubuntu Security Notice USN-3513-2 vom 2017-12-13",
      "url" : "http://www.ubuntu.com/usn/usn-3513-2/"
    }, {
      "category" : "external",
      "summary" : "Debian Security Advisory DSA-4086 vom 2018-01-14",
      "url" : "https://www.debian.org/security/2018/dsa-4086"
    }, {
      "category" : "external",
      "summary" : "Debian Security Advisory DSA-4103 vom 2018-02-01",
      "url" : "http://www.debian.org/security/2018/dsa-4103"
    }, {
      "category" : "external",
      "summary" : "SUSE Security Update SUSE-SU-2018:0395-1 vom 2018-02-08",
      "url" : "https://www.suse.com/support/update/announcement/2018/suse-su-20180395-1.html"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2018:0287 vom 2018-02-08",
      "url" : "https://access.redhat.com/errata/RHSA-2018:0287"
    }, {
      "category" : "external",
      "summary" : "SUSE Security Update SUSE-SU-2018:0401-1 vom 2018-02-09",
      "url" : "https://www.suse.com/support/update/announcement/2018/suse-su-20180401-1.html"
    }, {
      "category" : "external",
      "summary" : "Debian Security Advisory DSA-4150 vom 2018-03-24",
      "url" : "https://www.debian.org/security/2018/dsa-4150"
    }, {
      "category" : "external",
      "summary" : "Ubuntu Security Notice USN-3610-1 vom 2018-03-29",
      "url" : "http://www.ubuntu.com/usn/usn-3610-1"
    }, {
      "category" : "external",
      "summary" : "Red Hat Security Advisory RHSA-2020:1190 vom 2020-03-31",
      "url" : "https://access.redhat.com/errata/RHSA-2020:1190"
    }, {
      "category" : "external",
      "summary" : "HCL Security Bulletin vom 2025-10-24",
      "url" : "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123933"
    } ],
    "source_lang" : "en-US",
    "title" : "Google Chrome: Mehrere Schwachstellen",
    "tracking" : {
      "current_release_date" : "2025-10-26T23:00:00.000+00:00",
      "generator" : {
        "date" : "2025-10-27T10:03:30.238+00:00",
        "engine" : {
          "name" : "BSI-WID",
          "version" : "1.4.0"
        }
      },
      "id" : "WID-SEC-W-2025-2406",
      "initial_release_date" : "2017-12-06T23:00:00.000+00:00",
      "revision_history" : [ {
        "date" : "2017-12-06T23:00:00.000+00:00",
        "number" : "1",
        "summary" : "Initial Release"
      }, {
        "date" : "2017-12-06T23:00:00.000+00:00",
        "number" : "2",
        "summary" : "Version nicht vorhanden"
      }, {
        "date" : "2017-12-07T23:00:00.000+00:00",
        "number" : "3",
        "summary" : "New remediations available"
      }, {
        "date" : "2017-12-12T23:00:00.000+00:00",
        "number" : "4",
        "summary" : "New remediations available"
      }, {
        "date" : "2017-12-13T23:00:00.000+00:00",
        "number" : "5",
        "summary" : "New remediations available"
      }, {
        "date" : "2017-12-18T23:00:00.000+00:00",
        "number" : "6",
        "summary" : "Added references"
      }, {
        "date" : "2018-01-31T23:00:00.000+00:00",
        "number" : "7",
        "summary" : "New remediations available"
      }, {
        "date" : "2018-02-08T23:00:00.000+00:00",
        "number" : "8",
        "summary" : "New remediations available"
      }, {
        "date" : "2018-03-25T22:00:00.000+00:00",
        "number" : "9",
        "summary" : "New remediations available"
      }, {
        "date" : "2018-03-28T22:00:00.000+00:00",
        "number" : "10",
        "summary" : "New remediations available"
      }, {
        "date" : "2018-05-27T22:00:00.000+00:00",
        "number" : "11",
        "summary" : "Added references"
      }, {
        "date" : "2018-05-27T22:00:00.000+00:00",
        "number" : "12",
        "summary" : "Version nicht vorhanden"
      }, {
        "date" : "2018-09-09T22:00:00.000+00:00",
        "number" : "13",
        "summary" : "Added references"
      }, {
        "date" : "2025-10-26T23:00:00.000+00:00",
        "number" : "14",
        "summary" : "Neue Updates von HCL aufgenommen"
      } ],
      "status" : "final",
      "version" : "14"
    }
  },
  "product_tree" : {
    "branches" : [ {
      "branches" : [ {
        "category" : "product_name",
        "name" : "Debian Linux",
        "product" : {
          "name" : "Debian Linux",
          "product_id" : "2951",
          "product_identification_helper" : {
            "cpe" : "cpe:/o:debian:debian_linux:-"
          }
        }
      } ],
      "category" : "vendor",
      "name" : "Debian"
    }, {
      "branches" : [ {
        "branches" : [ {
          "category" : "product_version_range",
          "name" : "<63.0.3239.84",
          "product" : {
            "name" : "Google Chrome <63.0.3239.84",
            "product_id" : "124580"
          }
        }, {
          "category" : "product_version",
          "name" : "63.0.3239.84",
          "product" : {
            "name" : "Google Chrome 63.0.3239.84",
            "product_id" : "124580-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:google:chrome:0.1.38.1"
            }
          }
        } ],
        "category" : "product_name",
        "name" : "Chrome"
      } ],
      "category" : "vendor",
      "name" : "Google"
    }, {
      "branches" : [ {
        "category" : "product_name",
        "name" : "HCL Commerce",
        "product" : {
          "name" : "HCL Commerce",
          "product_id" : "T019294",
          "product_identification_helper" : {
            "cpe" : "cpe:/a:hcltechsw:commerce:-"
          }
        }
      } ],
      "category" : "vendor",
      "name" : "HCL"
    }, {
      "branches" : [ {
        "category" : "product_name",
        "name" : "Red Hat Enterprise Linux",
        "product" : {
          "name" : "Red Hat Enterprise Linux",
          "product_id" : "67646",
          "product_identification_helper" : {
            "cpe" : "cpe:/o:redhat:enterprise_linux:-"
          }
        }
      } ],
      "category" : "vendor",
      "name" : "Red Hat"
    }, {
      "branches" : [ {
        "category" : "product_name",
        "name" : "SUSE Linux",
        "product" : {
          "name" : "SUSE Linux",
          "product_id" : "T002207",
          "product_identification_helper" : {
            "cpe" : "cpe:/o:suse:suse_linux:-"
          }
        }
      } ],
      "category" : "vendor",
      "name" : "SUSE"
    }, {
      "branches" : [ {
        "category" : "product_name",
        "name" : "Ubuntu Linux",
        "product" : {
          "name" : "Ubuntu Linux",
          "product_id" : "T000126",
          "product_identification_helper" : {
            "cpe" : "cpe:/o:canonical:ubuntu_linux:-"
          }
        }
      } ],
      "category" : "vendor",
      "name" : "Ubuntu"
    } ]
  },
  "vulnerabilities" : [ {
    "cve" : "CVE-2017-15407",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15407"
  }, {
    "cve" : "CVE-2017-15408",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15408"
  }, {
    "cve" : "CVE-2017-15409",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15409"
  }, {
    "cve" : "CVE-2017-15410",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15410"
  }, {
    "cve" : "CVE-2017-15411",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15411"
  }, {
    "cve" : "CVE-2017-15412",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15412"
  }, {
    "cve" : "CVE-2017-15413",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15413"
  }, {
    "cve" : "CVE-2017-15415",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15415"
  }, {
    "cve" : "CVE-2017-15416",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15416"
  }, {
    "cve" : "CVE-2017-15417",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15417"
  }, {
    "cve" : "CVE-2017-15418",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15418"
  }, {
    "cve" : "CVE-2017-15419",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15419"
  }, {
    "cve" : "CVE-2017-15420",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15420"
  }, {
    "cve" : "CVE-2017-15422",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15422"
  }, {
    "cve" : "CVE-2017-15423",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15423"
  }, {
    "cve" : "CVE-2017-15424",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15424"
  }, {
    "cve" : "CVE-2017-15425",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15425"
  }, {
    "cve" : "CVE-2017-15426",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15426"
  }, {
    "cve" : "CVE-2017-15427",
    "product_status" : {
      "known_affected" : [ "2951", "T002207", "67646", "T000126", "T019294", "124580" ]
    },
    "release_date" : "2017-12-06T23:00:00.000+00:00",
    "title" : "CVE-2017-15427"
  } ]
}