Detections
Analytics

Debian dsa-6205 : chromium - security update

high Nessus Plugin ID 307670

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6205 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6205-1 [email protected] https://www.debian.org/security/ Andres Salomon April 10, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : chromium CVE ID : CVE-2026-5858 CVE-2026-5859 CVE-2026-5860 CVE-2026-5861 CVE-2026-5862 CVE-2026-5863 CVE-2026-5864 CVE-2026-5865 CVE-2026-5866 CVE-2026-5867 CVE-2026-5868 CVE-2026-5869 CVE-2026-5870 CVE-2026-5871 CVE-2026-5872 CVE-2026-5873 CVE-2026-5874 CVE-2026-5875 CVE-2026-5876 CVE-2026-5877 CVE-2026-5878 CVE-2026-5879 CVE-2026-5880 CVE-2026-5881 CVE-2026-5882 CVE-2026-5883 CVE-2026-5884 CVE-2026-5885 CVE-2026-5886 CVE-2026-5887 CVE-2026-5888 CVE-2026-5889 CVE-2026-5890 CVE-2026-5891 CVE-2026-5892 CVE-2026-5893 CVE-2026-5894 CVE-2026-5895 CVE-2026-5896 CVE-2026-5897 CVE-2026-5898 CVE-2026-5899 CVE-2026-5900 CVE-2026-5901 CVE-2026-5902 CVE-2026-5903 CVE-2026-5904 CVE-2026-5905 CVE-2026-5906 CVE-2026-5907 CVE-2026-5908 CVE-2026-5909 CVE-2026-5910 CVE-2026-5911 CVE-2026-5912 CVE-2026-5913 CVE-2026-5914 CVE-2026-5915 CVE-2026-5918 CVE-2026-5919

 Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

 For the oldstable distribution (bookworm), these problems have been fixed in version 147.0.7727.55-1~deb12u1.

 For the stable distribution (trixie), these problems have been fixed in version 147.0.7727.55-1~deb13u1.

 We recommend that you upgrade your chromium packages.

 For the detailed security status of chromium please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/chromium

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: [email protected]

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the chromium packages.

See Also

https://security-tracker.debian.org/tracker/source-package/chromium

https://security-tracker.debian.org/tracker/CVE-2026-5858

https://security-tracker.debian.org/tracker/CVE-2026-5859

https://security-tracker.debian.org/tracker/CVE-2026-5860

https://security-tracker.debian.org/tracker/CVE-2026-5861

https://security-tracker.debian.org/tracker/CVE-2026-5862

https://security-tracker.debian.org/tracker/CVE-2026-5863

https://security-tracker.debian.org/tracker/CVE-2026-5864

https://security-tracker.debian.org/tracker/CVE-2026-5865

https://security-tracker.debian.org/tracker/CVE-2026-5866

https://security-tracker.debian.org/tracker/CVE-2026-5867

https://security-tracker.debian.org/tracker/CVE-2026-5868

https://security-tracker.debian.org/tracker/CVE-2026-5869

https://security-tracker.debian.org/tracker/CVE-2026-5870

https://security-tracker.debian.org/tracker/CVE-2026-5871

https://security-tracker.debian.org/tracker/CVE-2026-5872

https://security-tracker.debian.org/tracker/CVE-2026-5873

https://security-tracker.debian.org/tracker/CVE-2026-5874

https://security-tracker.debian.org/tracker/CVE-2026-5875

https://security-tracker.debian.org/tracker/CVE-2026-5876

https://security-tracker.debian.org/tracker/CVE-2026-5877

https://security-tracker.debian.org/tracker/CVE-2026-5878

https://security-tracker.debian.org/tracker/CVE-2026-5879

https://security-tracker.debian.org/tracker/CVE-2026-5880

https://security-tracker.debian.org/tracker/CVE-2026-5881

https://security-tracker.debian.org/tracker/CVE-2026-5882

https://security-tracker.debian.org/tracker/CVE-2026-5883

https://security-tracker.debian.org/tracker/CVE-2026-5884

https://security-tracker.debian.org/tracker/CVE-2026-5885

https://security-tracker.debian.org/tracker/CVE-2026-5886

https://security-tracker.debian.org/tracker/CVE-2026-5887

https://security-tracker.debian.org/tracker/CVE-2026-5888

https://security-tracker.debian.org/tracker/CVE-2026-5889

https://security-tracker.debian.org/tracker/CVE-2026-5890

https://security-tracker.debian.org/tracker/CVE-2026-5891

https://security-tracker.debian.org/tracker/CVE-2026-5892

https://security-tracker.debian.org/tracker/CVE-2026-5893

https://security-tracker.debian.org/tracker/CVE-2026-5894

https://security-tracker.debian.org/tracker/CVE-2026-5895

https://security-tracker.debian.org/tracker/CVE-2026-5896

https://security-tracker.debian.org/tracker/CVE-2026-5897

https://security-tracker.debian.org/tracker/CVE-2026-5898

https://security-tracker.debian.org/tracker/CVE-2026-5899

https://security-tracker.debian.org/tracker/CVE-2026-5900

https://security-tracker.debian.org/tracker/CVE-2026-5901

https://security-tracker.debian.org/tracker/CVE-2026-5902

https://security-tracker.debian.org/tracker/CVE-2026-5903

https://security-tracker.debian.org/tracker/CVE-2026-5904

https://security-tracker.debian.org/tracker/CVE-2026-5905

https://security-tracker.debian.org/tracker/CVE-2026-5906

https://security-tracker.debian.org/tracker/CVE-2026-5907

https://security-tracker.debian.org/tracker/CVE-2026-5908

https://security-tracker.debian.org/tracker/CVE-2026-5909

https://security-tracker.debian.org/tracker/CVE-2026-5910

https://security-tracker.debian.org/tracker/CVE-2026-5911

https://security-tracker.debian.org/tracker/CVE-2026-5912

https://security-tracker.debian.org/tracker/CVE-2026-5913

https://security-tracker.debian.org/tracker/CVE-2026-5914

https://security-tracker.debian.org/tracker/CVE-2026-5915

https://security-tracker.debian.org/tracker/CVE-2026-5918

https://security-tracker.debian.org/tracker/CVE-2026-5919

https://packages.debian.org/source/bookworm/chromium

https://packages.debian.org/source/trixie/chromium

Plugin Details

Severity: High

ID: 307670

File Name: debian_DSA-6205.nasl

Version: 1.2

Type: Local

Agent: unix

Published: 4/21/2026

Updated: 4/21/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-5883

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium, p-cpe:/a:debian:debian_linux:chromium-common, p-cpe:/a:debian:debian_linux:chromium-driver, p-cpe:/a:debian:debian_linux:chromium-l10n, p-cpe:/a:debian:debian_linux:chromium-sandbox, p-cpe:/a:debian:debian_linux:chromium-shell, cpe:/o:debian:debian_linux:12.0, cpe:/o:debian:debian_linux:13.0, p-cpe:/a:debian:debian_linux:chromium-headless-shell

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 4/10/2026

Vulnerability Publication Date: 4/7/2026

Reference Information

CVE: CVE-2026-5858, CVE-2026-5859, CVE-2026-5860, CVE-2026-5861, CVE-2026-5862, CVE-2026-5863, CVE-2026-5864, CVE-2026-5865, CVE-2026-5866, CVE-2026-5867, CVE-2026-5868, CVE-2026-5869, CVE-2026-5870, CVE-2026-5871, CVE-2026-5872, CVE-2026-5873, CVE-2026-5874, CVE-2026-5875, CVE-2026-5876, CVE-2026-5877, CVE-2026-5878, CVE-2026-5879, CVE-2026-5880, CVE-2026-5881, CVE-2026-5882, CVE-2026-5883, CVE-2026-5884, CVE-2026-5885, CVE-2026-5886, CVE-2026-5887, CVE-2026-5888, CVE-2026-5889, CVE-2026-5890, CVE-2026-5891, CVE-2026-5892, CVE-2026-5893, CVE-2026-5894, CVE-2026-5895, CVE-2026-5896, CVE-2026-5897, CVE-2026-5898, CVE-2026-5899, CVE-2026-5900, CVE-2026-5901, CVE-2026-5902, CVE-2026-5903, CVE-2026-5904, CVE-2026-5905, CVE-2026-5906, CVE-2026-5907, CVE-2026-5908, CVE-2026-5909, CVE-2026-5910, CVE-2026-5911, CVE-2026-5912, CVE-2026-5913, CVE-2026-5914, CVE-2026-5915, CVE-2026-5918, CVE-2026-5919