{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 66.0.3359.117.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6085)\n\n* chromium-browser: Use after free in Disk Cache (CVE-2018-6086)\n\n* chromium-browser: Use after free in WebAssembly (CVE-2018-6087)\n\n* chromium-browser: Use after free in PDFium (CVE-2018-6088)\n\n* chromium-browser: Same origin policy bypass in Service Worker (CVE-2018-6089)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2018-6090)\n\n* chromium-browser: Incorrect handling of plug-ins by Service Worker (CVE-2018-6091)\n\n* chromium-browser: Integer overflow in WebAssembly (CVE-2018-6092)\n\n* chromium-browser: Same origin bypass in Service Worker (CVE-2018-6093)\n\n* chromium-browser: Exploit hardening regression in Oilpan (CVE-2018-6094)\n\n* chromium-browser: Lack of meaningful user interaction requirement before file upload (CVE-2018-6095)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6096)\n\n* chromium-browser: Fullscreen UI spoof (CVE-2018-6097)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6098)\n\n* chromium-browser: CORS bypass in ServiceWorker (CVE-2018-6099)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6100)\n\n* chromium-browser: Insufficient protection of remote debugging prototol in DevTools (CVE-2018-6101)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6102)\n\n* chromium-browser: UI spoof in Permissions (CVE-2018-6103)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6104)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6105)\n\n* chromium-browser: Incorrect handling of promises in V8 (CVE-2018-6106)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6107)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-6108)\n\n* chromium-browser: Incorrect handling of files by FileAPI (CVE-2018-6109)\n\n* chromium-browser: Incorrect handling of plaintext files via file:// (CVE-2018-6110)\n\n* chromium-browser: Heap-use-after-free in DevTools (CVE-2018-6111)\n\n* chromium-browser: Incorrect URL handling in DevTools (CVE-2018-6112)\n\n* chromium-browser: URL spoof in Navigation (CVE-2018-6113)\n\n* chromium-browser: CSP bypass (CVE-2018-6114)\n\n* chromium-browser: Incorrect low memory handling in WebAssembly (CVE-2018-6116)\n\n* chromium-browser: Confusing autofill settings (CVE-2018-6117)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1195",
        "url": "https://access.redhat.com/errata/RHSA-2018:1195"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "1568761",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568761"
      },
      {
        "category": "external",
        "summary": "1568762",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568762"
      },
      {
        "category": "external",
        "summary": "1568763",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568763"
      },
      {
        "category": "external",
        "summary": "1568764",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568764"
      },
      {
        "category": "external",
        "summary": "1568765",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568765"
      },
      {
        "category": "external",
        "summary": "1568766",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568766"
      },
      {
        "category": "external",
        "summary": "1568767",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568767"
      },
      {
        "category": "external",
        "summary": "1568769",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568769"
      },
      {
        "category": "external",
        "summary": "1568770",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568770"
      },
      {
        "category": "external",
        "summary": "1568771",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568771"
      },
      {
        "category": "external",
        "summary": "1568773",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568773"
      },
      {
        "category": "external",
        "summary": "1568774",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568774"
      },
      {
        "category": "external",
        "summary": "1568775",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568775"
      },
      {
        "category": "external",
        "summary": "1568776",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568776"
      },
      {
        "category": "external",
        "summary": "1568777",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568777"
      },
      {
        "category": "external",
        "summary": "1568778",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568778"
      },
      {
        "category": "external",
        "summary": "1568779",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568779"
      },
      {
        "category": "external",
        "summary": "1568780",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568780"
      },
      {
        "category": "external",
        "summary": "1568781",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568781"
      },
      {
        "category": "external",
        "summary": "1568782",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568782"
      },
      {
        "category": "external",
        "summary": "1568785",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568785"
      },
      {
        "category": "external",
        "summary": "1568786",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568786"
      },
      {
        "category": "external",
        "summary": "1568787",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568787"
      },
      {
        "category": "external",
        "summary": "1568788",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568788"
      },
      {
        "category": "external",
        "summary": "1568789",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568789"
      },
      {
        "category": "external",
        "summary": "1568790",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568790"
      },
      {
        "category": "external",
        "summary": "1568791",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568791"
      },
      {
        "category": "external",
        "summary": "1568792",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568792"
      },
      {
        "category": "external",
        "summary": "1568793",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568793"
      },
      {
        "category": "external",
        "summary": "1568794",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568794"
      },
      {
        "category": "external",
        "summary": "1568796",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568796"
      },
      {
        "category": "external",
        "summary": "1568797",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568797"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1195.json"
      }
    ],
    "title": "Red Hat Security Advisory: chromium-browser security update",
    "tracking": {
      "current_release_date": "2026-06-28T12:31:14+00:00",
      "generator": {
        "date": "2026-06-28T12:31:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.2.6"
        }
      },
      "id": "RHSA-2018:1195",
      "initial_release_date": "2018-04-23T12:36:50+00:00",
      "revision_history": [
        {
          "date": "2018-04-23T12:36:50+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-04-23T12:36:50+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-28T12:31:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
                  "product_id": "6Client-Supplementary-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
                  "product_id": "6Server-Supplementary-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
                  "product_id": "6Workstation-Supplementary-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux Supplementary"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
                "product": {
                  "name": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
                  "product_id": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/chromium-browser@66.0.3359.117-1.el6_9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
                "product": {
                  "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
                  "product_id": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@66.0.3359.117-1.el6_9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromium-browser-0:66.0.3359.117-1.el6_9.i686",
                "product": {
                  "name": "chromium-browser-0:66.0.3359.117-1.el6_9.i686",
                  "product_id": "chromium-browser-0:66.0.3359.117-1.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/chromium-browser@66.0.3359.117-1.el6_9?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
                "product": {
                  "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
                  "product_id": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@66.0.3359.117-1.el6_9?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-0:66.0.3359.117-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
          "product_id": "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686"
        },
        "product_reference": "chromium-browser-0:66.0.3359.117-1.el6_9.i686",
        "relates_to_product_reference": "6Client-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
          "product_id": "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64"
        },
        "product_reference": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
          "product_id": "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686"
        },
        "product_reference": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
        "relates_to_product_reference": "6Client-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
          "product_id": "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        },
        "product_reference": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-0:66.0.3359.117-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
          "product_id": "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686"
        },
        "product_reference": "chromium-browser-0:66.0.3359.117-1.el6_9.i686",
        "relates_to_product_reference": "6Server-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
          "product_id": "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64"
        },
        "product_reference": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
          "product_id": "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686"
        },
        "product_reference": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
        "relates_to_product_reference": "6Server-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
          "product_id": "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        },
        "product_reference": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-0:66.0.3359.117-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
          "product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686"
        },
        "product_reference": "chromium-browser-0:66.0.3359.117-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
          "product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64"
        },
        "product_reference": "chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
          "product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686"
        },
        "product_reference": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
          "product_id": "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        },
        "product_reference": "chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-6085",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568761"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Use after free in Disk Cache",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6085"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568761",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568761"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6085",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6085"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6085",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6085"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "chromium-browser: Use after free in Disk Cache"
    },
    {
      "cve": "CVE-2018-6086",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568762"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Use after free in Disk Cache",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6086"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568762",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568762"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6086",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6086"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6086",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6086"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "chromium-browser: Use after free in Disk Cache"
    },
    {
      "cve": "CVE-2018-6087",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568763"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Use after free in WebAssembly",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6087"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568763",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568763"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6087",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6087"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6087",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6087"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "chromium-browser: Use after free in WebAssembly"
    },
    {
      "cve": "CVE-2018-6088",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568764"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Use after free in PDFium",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6088"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568764",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568764"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6088",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6088"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6088",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6088"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "chromium-browser: Use after free in PDFium"
    },
    {
      "cve": "CVE-2018-6089",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568765"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Same origin policy bypass in Service Worker",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6089"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568765",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568765"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6089",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6089"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6089",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6089"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "chromium-browser: Same origin policy bypass in Service Worker"
    },
    {
      "cve": "CVE-2018-6090",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568766"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Heap buffer overflow in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6090"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568766",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568766"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6090",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6090"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6090",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6090"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "chromium-browser: Heap buffer overflow in Skia"
    },
    {
      "cve": "CVE-2018-6091",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568767"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Incorrect handling of plug-ins by Service Worker",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6091"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568767",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568767"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6091",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6091"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6091",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6091"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "chromium-browser: Incorrect handling of plug-ins by Service Worker"
    },
    {
      "cve": "CVE-2018-6092",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568769"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Integer overflow in WebAssembly",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6092"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568769",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568769"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6092",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6092"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6092",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6092"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "chromium-browser: Integer overflow in WebAssembly"
    },
    {
      "cve": "CVE-2018-6093",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568770"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Same origin bypass in Service Worker",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6093"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568770",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568770"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6093",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6093"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6093",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6093"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: Same origin bypass in Service Worker"
    },
    {
      "cve": "CVE-2018-6094",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568771"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Exploit hardening regression in Oilpan",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6094"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568771",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568771"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6094",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6094"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6094",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6094"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: Exploit hardening regression in Oilpan"
    },
    {
      "cve": "CVE-2018-6095",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568773"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Lack of meaningful user interaction requirement before file upload",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6095"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568773",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568773"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6095",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6095"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6095",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6095"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: Lack of meaningful user interaction requirement before file upload"
    },
    {
      "cve": "CVE-2018-6096",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568774"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Fullscreen UI spoof",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6096"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568774",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568774"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6096",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6096"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6096",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6096"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: Fullscreen UI spoof"
    },
    {
      "cve": "CVE-2018-6097",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568775"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Fullscreen UI spoof",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6097"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568775",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568775"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6097",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6097"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6097",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6097"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: Fullscreen UI spoof"
    },
    {
      "cve": "CVE-2018-6098",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568776"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Omnibox",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6098"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568776",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568776"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6098",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6098"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6098",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6098"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: URL spoof in Omnibox"
    },
    {
      "cve": "CVE-2018-6099",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568777"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: CORS bypass in ServiceWorker",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6099"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568777",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568777"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6099",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6099"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6099",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6099"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: CORS bypass in ServiceWorker"
    },
    {
      "cve": "CVE-2018-6100",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568778"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Omnibox",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6100"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568778",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568778"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6100",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6100"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6100",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6100"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: URL spoof in Omnibox"
    },
    {
      "cve": "CVE-2018-6101",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568779"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Insufficient protection of remote debugging prototol in DevTools",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6101"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568779",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568779"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6101",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6101"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6101",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6101"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: Insufficient protection of remote debugging prototol in DevTools"
    },
    {
      "cve": "CVE-2018-6102",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568780"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Omnibox",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6102"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568780",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568780"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6102",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6102"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6102",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6102"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: URL spoof in Omnibox"
    },
    {
      "cve": "CVE-2018-6103",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568781"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: UI spoof in Permissions",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6103"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568781",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568781"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6103",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6103"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6103",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6103"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: UI spoof in Permissions"
    },
    {
      "cve": "CVE-2018-6104",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568782"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Omnibox",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6104"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568782",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568782"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6104",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6104"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6104",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6104"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: URL spoof in Omnibox"
    },
    {
      "cve": "CVE-2018-6105",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568785"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Omnibox",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6105"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568785",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568785"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6105",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6105"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6105",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6105"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: URL spoof in Omnibox"
    },
    {
      "cve": "CVE-2018-6106",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568786"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Incorrect handling of promises in V8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6106"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568786",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568786"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6106",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6106"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6106",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6106"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: Incorrect handling of promises in V8"
    },
    {
      "cve": "CVE-2018-6107",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568787"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Omnibox",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6107"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568787",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568787"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6107",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6107"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6107",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6107"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: URL spoof in Omnibox"
    },
    {
      "cve": "CVE-2018-6108",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568788"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Omnibox",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6108"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568788",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568788"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6108",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6108"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6108",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6108"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "chromium-browser: URL spoof in Omnibox"
    },
    {
      "cve": "CVE-2018-6109",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568789"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Incorrect handling of files by FileAPI",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6109"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568789",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568789"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6109",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6109"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6109",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6109"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: Incorrect handling of files by FileAPI"
    },
    {
      "cve": "CVE-2018-6110",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568790"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Incorrect handling of plaintext files via file://",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6110"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568790",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568790"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6110",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6110"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6110",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6110"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: Incorrect handling of plaintext files via file://"
    },
    {
      "cve": "CVE-2018-6111",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568791"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Heap-use-after-free in DevTools",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6111"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568791",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568791"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6111",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6111"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6111",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6111"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: Heap-use-after-free in DevTools"
    },
    {
      "cve": "CVE-2018-6112",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568792"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Incorrect URL handling in DevTools",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6112"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568792",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568792"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6112",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6112"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6112",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6112"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: Incorrect URL handling in DevTools"
    },
    {
      "cve": "CVE-2018-6113",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568793"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: URL spoof in Navigation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6113"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568793",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568793"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6113",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6113"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6113",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6113"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: URL spoof in Navigation"
    },
    {
      "cve": "CVE-2018-6114",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568794"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: CSP bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6114"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568794",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568794"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6114",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6114"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6114",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6114"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: CSP bypass"
    },
    {
      "cve": "CVE-2018-6116",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568796"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Incorrect low memory handling in WebAssembly",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6116"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568796",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568796"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6116",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6116"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6116",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6116"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: Incorrect low memory handling in WebAssembly"
    },
    {
      "cve": "CVE-2018-6117",
      "discovery_date": "2018-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1568797"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "chromium-browser: Confusing autofill settings",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
          "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-6117"
        },
        {
          "category": "external",
          "summary": "RHBZ#1568797",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568797"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-6117",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-6117"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6117",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6117"
        },
        {
          "category": "external",
          "summary": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html",
          "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
        }
      ],
      "release_date": "2018-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-04-23T12:36:50+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1195"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-0:66.0.3359.117-1.el6_9.x86_64",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.i686",
            "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:66.0.3359.117-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "chromium-browser: Confusing autofill settings"
    }
  ]
}