CVE-2018-6051 The Resource Timing API had an insufficiently restrictive accessible document limit. This API may be used by web sites to determine how much time users spend on their site. CVE-2018-6052 The Resource Timing API did not have an adequate minimum time limit for access. This API may be used by web sites to determine how much time users spend on their site. CVE-2018-6053 The Resource Timing API had an insufficiently restrictive accessible page view limit. This API may be used by web sites to determine how much time users spend on their site. These issues were addressed in Google Chrome 135.0.66.0.
IMPORTANT NOTE: If you are using Google Chrome prior to version 135.0.66.0, the Google Chrome team recommends that you update your software to version 135.0.66.0 or later as soon as possible. We recommend that you review the Knowledge Base article for more information.
Inappropriate implementation in WebAssembly in Google Chrome prior to 135.0.0.0 allowed a remote attacker to bypass sandbox restrictions via a crafted HTML page. CVE-2018-6054 The WebAssembly implementation in Google Chrome prior to 135.0.0.0 allowed a remote attacker to bypass sandbox restrictions via a crafted HTML page. CVE-2018-6055 The WebAssembly implementation in Google Chrome prior to 135.0.0.0 allowed a remote attacker to bypass sandbox restrictions via a
How to Update
Your Software to Fix These Vulnerabilities
1) Update Google Chrome
2) If you use other browser software, make sure that your software is up-to-date as well.
3) Make sure to update the Operating System software on your computer.
4) Change your passwords and enable 2FA (Two-Factor Authentication).
Other versions
These issues were addressed in Google Chrome 135.0.66.0.
Timeline
Published on: 07/23/2022 00:15:00 UTC
Last modified on: 08/15/2022 11:16:00 UTC