Detections
Analytics

Debian dsa-6214 : chromium - security update

critical Nessus Plugin ID 307617

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6214 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6214-1 [email protected] https://www.debian.org/security/ Andres Salomon April 17, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : chromium CVE ID : CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6299 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6303 CVE-2026-6304 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6318 CVE-2026-6319 CVE-2026-6358 CVE-2026-6359 CVE-2026-6360 CVE-2026-6361 CVE-2026-6362 CVE-2026-6363 CVE-2026-6364

 Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

 For the oldstable distribution (bookworm), these problems have been fixed in version 147.0.7727.101-1~deb12u1.

 For the stable distribution (trixie), these problems have been fixed in version 147.0.7727.101-1~deb13u1.

 We recommend that you upgrade your chromium packages.

 For the detailed security status of chromium please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/chromium

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: [email protected]

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the chromium packages.

See Also

https://security-tracker.debian.org/tracker/source-package/chromium

https://security-tracker.debian.org/tracker/CVE-2026-6296

https://security-tracker.debian.org/tracker/CVE-2026-6297

https://security-tracker.debian.org/tracker/CVE-2026-6298

https://security-tracker.debian.org/tracker/CVE-2026-6299

https://security-tracker.debian.org/tracker/CVE-2026-6300

https://security-tracker.debian.org/tracker/CVE-2026-6301

https://security-tracker.debian.org/tracker/CVE-2026-6302

https://security-tracker.debian.org/tracker/CVE-2026-6303

https://security-tracker.debian.org/tracker/CVE-2026-6304

https://security-tracker.debian.org/tracker/CVE-2026-6305

https://security-tracker.debian.org/tracker/CVE-2026-6306

https://security-tracker.debian.org/tracker/CVE-2026-6307

https://security-tracker.debian.org/tracker/CVE-2026-6308

https://security-tracker.debian.org/tracker/CVE-2026-6309

https://security-tracker.debian.org/tracker/CVE-2026-6310

https://security-tracker.debian.org/tracker/CVE-2026-6311

https://security-tracker.debian.org/tracker/CVE-2026-6312

https://security-tracker.debian.org/tracker/CVE-2026-6313

https://security-tracker.debian.org/tracker/CVE-2026-6314

https://security-tracker.debian.org/tracker/CVE-2026-6315

https://security-tracker.debian.org/tracker/CVE-2026-6316

https://security-tracker.debian.org/tracker/CVE-2026-6317

https://security-tracker.debian.org/tracker/CVE-2026-6318

https://security-tracker.debian.org/tracker/CVE-2026-6319

https://security-tracker.debian.org/tracker/CVE-2026-6358

https://security-tracker.debian.org/tracker/CVE-2026-6359

https://security-tracker.debian.org/tracker/CVE-2026-6360

https://security-tracker.debian.org/tracker/CVE-2026-6361

https://security-tracker.debian.org/tracker/CVE-2026-6362

https://security-tracker.debian.org/tracker/CVE-2026-6363

https://security-tracker.debian.org/tracker/CVE-2026-6364

https://packages.debian.org/source/bookworm/chromium

https://packages.debian.org/source/trixie/chromium

Plugin Details

Severity: Critical

ID: 307617

File Name: debian_DSA-6214.nasl

Version: 1.2

Type: Local

Agent: unix

Published: 4/20/2026

Updated: 4/20/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-6363

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2026-6296

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-headless-shell, cpe:/o:debian:debian_linux:13.0, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:debian:debian_linux:chromium-shell, p-cpe:/a:debian:debian_linux:chromium-sandbox, p-cpe:/a:debian:debian_linux:chromium-l10n, p-cpe:/a:debian:debian_linux:chromium-driver, p-cpe:/a:debian:debian_linux:chromium-common, p-cpe:/a:debian:debian_linux:chromium

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 4/17/2026

Vulnerability Publication Date: 4/15/2026

Reference Information

CVE: CVE-2026-6296, CVE-2026-6297, CVE-2026-6298, CVE-2026-6299, CVE-2026-6300, CVE-2026-6301, CVE-2026-6302, CVE-2026-6303, CVE-2026-6304, CVE-2026-6305, CVE-2026-6306, CVE-2026-6307, CVE-2026-6308, CVE-2026-6309, CVE-2026-6310, CVE-2026-6311, CVE-2026-6312, CVE-2026-6313, CVE-2026-6314, CVE-2026-6315, CVE-2026-6316, CVE-2026-6317, CVE-2026-6318, CVE-2026-6319, CVE-2026-6358, CVE-2026-6359, CVE-2026-6360, CVE-2026-6361, CVE-2026-6362, CVE-2026-6363, CVE-2026-6364