Detections
Analytics

Debian dsa-6344 : chromium - security update

critical Nessus Plugin ID 320973

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6344 advisory.

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6344-1 [email protected] https://www.debian.org/security/ Andres Salomon June 13, 2026 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : chromium CVE ID : CVE-2026-12007 CVE-2026-12008 CVE-2026-12009 CVE-2026-12010 CVE-2026-12011 CVE-2026-12012 CVE-2026-12013 CVE-2026-12014 CVE-2026-12015 CVE-2026-12016 CVE-2026-12017 CVE-2026-12018 CVE-2026-12019 CVE-2026-12020 CVE-2026-12022 CVE-2026-12023 CVE-2026-12024 CVE-2026-12025 CVE-2026-12026 CVE-2026-12027 CVE-2026-12028 CVE-2026-12029 CVE-2026-12030 CVE-2026-12031 CVE-2026-12032 CVE-2026-12033 CVE-2026-12034 CVE-2026-12035

 Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

 For the oldstable distribution (bookworm), these problems have been fixed in version 149.0.7827.114-1~deb12u1.

 For the stable distribution (trixie), these problems have been fixed in version 149.0.7827.114-1~deb13u1.

 We recommend that you upgrade your chromium packages.

 For the detailed security status of chromium please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/chromium

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: [email protected]

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the chromium packages.

See Also

https://security-tracker.debian.org/tracker/source-package/chromium

https://security-tracker.debian.org/tracker/CVE-2026-12007

https://security-tracker.debian.org/tracker/CVE-2026-12008

https://security-tracker.debian.org/tracker/CVE-2026-12009

https://security-tracker.debian.org/tracker/CVE-2026-12010

https://security-tracker.debian.org/tracker/CVE-2026-12011

https://security-tracker.debian.org/tracker/CVE-2026-12012

https://security-tracker.debian.org/tracker/CVE-2026-12013

https://security-tracker.debian.org/tracker/CVE-2026-12014

https://security-tracker.debian.org/tracker/CVE-2026-12015

https://security-tracker.debian.org/tracker/CVE-2026-12016

https://security-tracker.debian.org/tracker/CVE-2026-12017

https://security-tracker.debian.org/tracker/CVE-2026-12018

https://security-tracker.debian.org/tracker/CVE-2026-12019

https://security-tracker.debian.org/tracker/CVE-2026-12020

https://security-tracker.debian.org/tracker/CVE-2026-12022

https://security-tracker.debian.org/tracker/CVE-2026-12023

https://security-tracker.debian.org/tracker/CVE-2026-12024

https://security-tracker.debian.org/tracker/CVE-2026-12025

https://security-tracker.debian.org/tracker/CVE-2026-12026

https://security-tracker.debian.org/tracker/CVE-2026-12027

https://security-tracker.debian.org/tracker/CVE-2026-12028

https://security-tracker.debian.org/tracker/CVE-2026-12029

https://security-tracker.debian.org/tracker/CVE-2026-12030

https://security-tracker.debian.org/tracker/CVE-2026-12031

https://security-tracker.debian.org/tracker/CVE-2026-12032

https://security-tracker.debian.org/tracker/CVE-2026-12033

https://security-tracker.debian.org/tracker/CVE-2026-12034

https://security-tracker.debian.org/tracker/CVE-2026-12035

https://packages.debian.org/source/bookworm/chromium

https://packages.debian.org/source/trixie/chromium

Plugin Details

Severity: Critical

ID: 320973

File Name: debian_DSA-6344.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/13/2026

Updated: 6/13/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.1

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-12035

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2026-12027

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:chromium-common, p-cpe:/a:debian:debian_linux:chromium-l10n, p-cpe:/a:debian:debian_linux:chromium-shell, p-cpe:/a:debian:debian_linux:chromium, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:debian:debian_linux:chromium-headless-shell, p-cpe:/a:debian:debian_linux:chromium-sandbox, p-cpe:/a:debian:debian_linux:chromium-driver, cpe:/o:debian:debian_linux:13.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 6/13/2026

Vulnerability Publication Date: 6/11/2026

Reference Information

CVE: CVE-2026-12007, CVE-2026-12008, CVE-2026-12009, CVE-2026-12010, CVE-2026-12011, CVE-2026-12012, CVE-2026-12013, CVE-2026-12014, CVE-2026-12015, CVE-2026-12016, CVE-2026-12017, CVE-2026-12018, CVE-2026-12019, CVE-2026-12020, CVE-2026-12022, CVE-2026-12023, CVE-2026-12024, CVE-2026-12025, CVE-2026-12026, CVE-2026-12027, CVE-2026-12028, CVE-2026-12029, CVE-2026-12030, CVE-2026-12031, CVE-2026-12032, CVE-2026-12033, CVE-2026-12034, CVE-2026-12035