{ "document" : { "aggregate_severity" : { "text" : "hoch" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "Chrome ist ein Internet-Browser von Google.\r\nEdge ist ein Internet-Browser von Microsoft.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein Angreifer kann mehrere Schwachstellen in Google Chrome/Microsoft Edge ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, darunter möglicherweise Codeausführung, Umgehung von Sicherheitsmaßnahmen, Denial-of-Service Datenmanipulation oder -offenlegung.", "title" : "Angriff" }, { "category" : "general", "text" : "- Linux\n- MacOS X\n- Windows", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2026-1130 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1130.json" }, { "category" : "self", "summary" : "WID-SEC-2026-1130 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1130" }, { "category" : "external", "summary" : "Google Stable Channel Update for Desktop vom 2026-04-15", "url" : "http://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html" }, { "category" : "external", "summary" : "Release notes for Microsoft Edge Security Updates vom 2026-04-16", "url" : "https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#april-16-2026" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-2026-3675AC2066 vom 2026-04-17", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-2026-3675ac2066" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-EPEL-2026-F2AC7803F9 vom 2026-04-17", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-f2ac7803f9" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-2026-CA6321E5F1 vom 2026-04-17", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-2026-ca6321e5f1" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-EPEL-2026-6D455368FD vom 2026-04-17", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-6d455368fd" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-EPEL-2026-9CE82C1A41 vom 2026-04-17", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-9ce82c1a41" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-EPEL-2026-C7FA5F9BE3 vom 2026-04-17", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-c7fa5f9be3" }, { "category" : "external", "summary" : "Fedora Security Advisory FEDORA-2026-D3C82235D4 vom 2026-04-17", "url" : "https://bodhi.fedoraproject.org/updates/FEDORA-2026-d3c82235d4" }, { "category" : "external", "summary" : "Debian Security Advisory DSA-6214 vom 2026-04-17", "url" : "https://lists.debian.org/debian-security-announce/2026/msg00124.html" }, { "category" : "external", "summary" : "openSUSE Security Update OPENSUSE-SU-2026:10572-1 vom 2026-04-19", "url" : "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P6JPHYU3MZQ7B6CXW6S4BJG27U2BQENL/" }, { "category" : "external", "summary" : "openSUSE Security Update OPENSUSE-SU-2026:20588-1 vom 2026-04-21", "url" : "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YDJKMQKUR5TEKJHWNMVSE7MWJQQ3RD7C/" }, { "category" : "external", "summary" : "IGEL Security Notice ISN-2026-14 vom 2026-04-28", "url" : "https://kb.igel.com/en/security-safety/current/isn-2026-14-critical-chromium-vulnerabilities" } ], "source_lang" : "en-US", "title" : "Google Chrome/Microsoft Edge: Mehrere Schwachstellen", "tracking" : { "current_release_date" : "2026-04-27T22:00:00.000+00:00", "generator" : { "date" : "2026-04-28T11:24:14.281+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.5.0" } }, "id" : "WID-SEC-W-2026-1130", "initial_release_date" : "2026-04-15T22:00:00.000+00:00", "revision_history" : [ { "date" : "2026-04-15T22:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" }, { "date" : "2026-04-16T22:00:00.000+00:00", "number" : "2", "summary" : "Edge Update aufgenommen" }, { "date" : "2026-04-19T22:00:00.000+00:00", "number" : "3", "summary" : "Neue Updates von openSUSE aufgenommen" }, { "date" : "2026-04-21T22:00:00.000+00:00", "number" : "4", "summary" : "Neue Updates von openSUSE aufgenommen" }, { "date" : "2026-04-27T22:00:00.000+00:00", "number" : "5", "summary" : "Neue Updates von IGEL aufgenommen" } ], "status" : "final", "version" : "5" } }, "product_tree" : { "branches" : [ { "branches" : [ { "category" : "product_name", "name" : "Debian Linux", "product" : { "name" : "Debian Linux", "product_id" : "2951", "product_identification_helper" : { "cpe" : "cpe:/o:debian:debian_linux:-" } } } ], "category" : "vendor", "name" : "Debian" }, { "branches" : [ { "category" : "product_name", "name" : "Fedora Linux", "product" : { "name" : "Fedora Linux", "product_id" : "74185", "product_identification_helper" : { "cpe" : "cpe:/o:fedoraproject:fedora:-" } } } ], "category" : "vendor", "name" : "Fedora" }, { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "<147.0.7727.101", "product" : { "name" : "Google Chrome <147.0.7727.101", "product_id" : "T052878" } }, { "category" : "product_version", "name" : "147.0.7727.101", "product" : { "name" : "Google Chrome 147.0.7727.101", "product_id" : "T052878-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:google:chrome:147.0.7727.101" } } }, { "category" : "product_version_range", "name" : "<147.0.7727.102", "product" : { "name" : "Google Chrome <147.0.7727.102", "product_id" : "T052879" } }, { "category" : "product_version", "name" : "147.0.7727.102", "product" : { "name" : "Google Chrome 147.0.7727.102", "product_id" : "T052879-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:google:chrome:147.0.7727.102" } } } ], "category" : "product_name", "name" : "Chrome" } ], "category" : "vendor", "name" : "Google" }, { "branches" : [ { "category" : "product_name", "name" : "IGEL OS", "product" : { "name" : "IGEL OS", "product_id" : "T017865", "product_identification_helper" : { "cpe" : "cpe:/o:igel:os:-" } } } ], "category" : "vendor", "name" : "IGEL" }, { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "<147.0.3912.72", "product" : { "name" : "Microsoft Edge <147.0.3912.72", "product_id" : "T052932" } }, { "category" : "product_version", "name" : "147.0.3912.72", "product" : { "name" : "Microsoft Edge 147.0.3912.72", "product_id" : "T052932-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:microsoft:edge:147.0.3912.72" } } }, { "category" : "product_version_range", "name" : "<146.0.3856.130", "product" : { "name" : "Microsoft Edge <146.0.3856.130", "product_id" : "T052933" } }, { "category" : "product_version", "name" : "146.0.3856.130", "product" : { "name" : "Microsoft Edge 146.0.3856.130", "product_id" : "T052933-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:microsoft:edge:146.0.3856.130" } } } ], "category" : "product_name", "name" : "Edge" } ], "category" : "vendor", "name" : "Microsoft" }, { "branches" : [ { "category" : "product_name", "name" : "SUSE openSUSE", "product" : { "name" : "SUSE openSUSE", "product_id" : "T027843", "product_identification_helper" : { "cpe" : "cpe:/o:suse:opensuse:-" } } } ], "category" : "vendor", "name" : "SUSE" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2026-6296", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6296" }, { "cve" : "CVE-2026-6297", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6297" }, { "cve" : "CVE-2026-6298", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6298" }, { "cve" : "CVE-2026-6299", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6299" }, { "cve" : "CVE-2026-6300", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6300" }, { "cve" : "CVE-2026-6301", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6301" }, { "cve" : "CVE-2026-6302", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6302" }, { "cve" : "CVE-2026-6303", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6303" }, { "cve" : "CVE-2026-6304", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6304" }, { "cve" : "CVE-2026-6305", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6305" }, { "cve" : "CVE-2026-6306", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6306" }, { "cve" : "CVE-2026-6307", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6307" }, { "cve" : "CVE-2026-6308", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6308" }, { "cve" : "CVE-2026-6309", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6309" }, { "cve" : "CVE-2026-6310", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6310" }, { "cve" : "CVE-2026-6311", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6311" }, { "cve" : "CVE-2026-6312", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6312" }, { "cve" : "CVE-2026-6313", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6313" }, { "cve" : "CVE-2026-6314", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6314" }, { "cve" : "CVE-2026-6315", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6315" }, { "cve" : "CVE-2026-6316", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6316" }, { "cve" : "CVE-2026-6317", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6317" }, { "cve" : "CVE-2026-6318", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6318" }, { "cve" : "CVE-2026-6319", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6319" }, { "cve" : "CVE-2026-6358", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6358" }, { "cve" : "CVE-2026-6359", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6359" }, { "cve" : "CVE-2026-6360", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6360" }, { "cve" : "CVE-2026-6361", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6361" }, { "cve" : "CVE-2026-6362", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6362" }, { "cve" : "CVE-2026-6363", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6363" }, { "cve" : "CVE-2026-6364", "product_status" : { "known_affected" : [ "2951", "T017865", "T052878", "T052933", "T052879", "T027843", "T052932", "74185" ] }, "release_date" : "2026-04-15T22:00:00.000+00:00", "title" : "CVE-2026-6364" } ] }