CVE-2018-6089 vulnerability in Google and Other Products
Published on December 4, 2018

A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2018-6089

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-6089 are published in these products:

Google Chrome

Debian Linux

Red Hat Linux Desktop

Red Hat Linux Server

Red Hat Linux Workstation

Affected Versions

Google Chrome:

Version unspecified and below 66.0.3359.117 is affected.

Exploit Probability

EPSS

0.94%

Percentile

75.86%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-6089 vulnerability in Google and Other ProductsPublished on December 4, 2018

Products Associated with CVE-2018-6089

Affected Versions

Exploit Probability

CVE-2018-6089 vulnerability in Google and Other Products
Published on December 4, 2018