Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-4500-1 chromium -- security update

Related Vulnerabilities: CVE-2019-5805   CVE-2019-5806   CVE-2019-5807   CVE-2019-5808   CVE-2019-5809   CVE-2019-5810   CVE-2019-5811   CVE-2019-5813   CVE-2019-5814   CVE-2019-5815   CVE-2019-5818   CVE-2019-5819   CVE-2019-5820   CVE-2019-5821   CVE-2019-5822   CVE-2019-5823   CVE-2019-5824   CVE-2019-5825   CVE-2019-5826   CVE-2019-5827   CVE-2019-5828   CVE-2019-5829   CVE-2019-5830   CVE-2019-5831   CVE-2019-5832   CVE-2019-5833   CVE-2019-5834   CVE-2019-5836   CVE-2019-5837   CVE-2019-5838   CVE-2019-5839   CVE-2019-5840   CVE-2019-5842   CVE-2019-5847   CVE-2019-5848   CVE-2019-5849   CVE-2019-5850   CVE-2019-5851   CVE-2019-5852   CVE-2019-5853   CVE-2019-5854   CVE-2019-5855   CVE-2019-5856   CVE-2019-5857   CVE-2019-5858   CVE-2019-5859   CVE-2019-5860   CVE-2019-5861   CVE-2019-5862   CVE-2019-5864   CVE-2019-5865   CVE-2019-5867   CVE-2019-5868  

Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-5805 A use-after-free issue was discovered in the pdfium library. CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library. CVE-2019-5807 TimGMichaud discovered a memory corruption issue in the v8 javascript library. CVE-2019-5808 cloudfuzzer discovered a use-after-free issue in Blink/Webkit. CVE-2019-5809 Mark Brand discovered a use-after-free issue in Blink/Webkit. CVE-2019-5810 Mark Amery discovered an information disclosure issue. CVE-2019-5811 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature. CVE-2019-5813 Aleksandar Nikolic discovered an out-of-bounds read issue in the v8 javascript library. CVE-2019-5814 @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource Sharing feature. CVE-2019-5815 Nicolas Grégoire discovered a buffer overflow issue in Blink/Webkit. CVE-2019-5818 Adrian Tolbaru discovered an uninitialized value issue. CVE-2019-5819 Svyat Mitin discovered an error in the developer tools. CVE-2019-5820 pdknsk discovered an integer overflow issue in the pdfium library. CVE-2019-5821 pdknsk discovered another integer overflow issue in the pdfium library. CVE-2019-5822 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature. CVE-2019-5823 David Erceg discovered a navigation error. CVE-2019-5824 leecraso and Guang Gong discovered an error in the media player. CVE-2019-5825 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an out-of-bounds write issue in the v8 javascript library. CVE-2019-5826 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a use-after-free issue. CVE-2019-5827 mlfbrown discovered an out-of-bounds read issue in the sqlite library. CVE-2019-5828 leecraso and Guang Gong discovered a use-after-free issue. CVE-2019-5829 Lucas Pinheiro discovered a use-after-free issue. CVE-2019-5830 Andrew Krashichkov discovered a credential error in the Cross-Origin Resource Sharing feature. CVE-2019-5831 yngwei discovered a map error in the v8 javascript library. CVE-2019-5832 Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing feature. CVE-2019-5833 Khalil Zhani discovered a user interface error. CVE-2019-5834 Khalil Zhani discovered a URL spoofing issue. CVE-2019-5836 Omair discovered a buffer overflow issue in the Angle library. CVE-2019-5837 Adam Iawniuk discovered an information disclosure issue. CVE-2019-5838 David Erceg discovered an error in extension permissions. CVE-2019-5839 Masato Kinugawa discovered implementation errors in Blink/Webkit. CVE-2019-5840 Eliya Stein and Jerome Dangu discovered a way to bypass the popup blocker. CVE-2019-5842 BUGFENSE discovered a use-after-free issue in Blink/Webkit. CVE-2019-5847 m3plex discovered an error in the v8 javascript library. CVE-2019-5848 Mark Amery discovered an information disclosure issue. CVE-2019-5849 Zhen Zhou discovered an out-of-bounds read in the Skia library. CVE-2019-5850 Brendon Tiszka discovered a use-after-free issue in the offline page fetcher. CVE-2019-5851 Zhe Jin discovered a use-after-poison issue. CVE-2019-5852 David Erceg discovered an information disclosure issue. CVE-2019-5853 Yngwei and sakura discovered a memory corruption issue. CVE-2019-5854 Zhen Zhou discovered an integer overflow issue in the pdfium library. CVE-2019-5855 Zhen Zhou discovered an integer overflow issue in the pdfium library. CVE-2019-5856 Yongke Wang discovered an error related to file system URL permissions. CVE-2019-5857 cloudfuzzer discovered a way to crash chromium. CVE-2019-5858 evil1m0 discovered an information disclosure issue. CVE-2019-5859 James Lee discovered a way to launch alternative browsers. CVE-2019-5860 A use-after-free issue was discovered in the v8 javascript library. CVE-2019-5861 Robin Linus discovered an error determining click location. CVE-2019-5862 Jun Kokatsu discovered an error in the AppCache implementation. CVE-2019-5864 Devin Grindle discovered an error in the Cross-Origin Resourse Sharing feature for extensions. CVE-2019-5865 Ivan Fratric discovered a way to bypass the site isolation feature. CVE-2019-5867 Lucas Pinheiro discovered an out-of-bounds read issue in the v8 javascript library. CVE-2019-5868 banananapenguin discovered a use-after-free issue in the v8 javascript library. For the stable distribution (buster), these problems have been fixed in version 76.0.3809.100-1~deb10u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Source

Debian Security Advisory

DSA-4500-1 chromium -- security update

Date Reported:
12 Aug 2019
Affected Packages:
chromium
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2019-5805, CVE-2019-5806, CVE-2019-5807, CVE-2019-5808, CVE-2019-5809, CVE-2019-5810, CVE-2019-5811, CVE-2019-5813, CVE-2019-5814, CVE-2019-5815, CVE-2019-5818, CVE-2019-5819, CVE-2019-5820, CVE-2019-5821, CVE-2019-5822, CVE-2019-5823, CVE-2019-5824, CVE-2019-5825, CVE-2019-5826, CVE-2019-5827, CVE-2019-5828, CVE-2019-5829, CVE-2019-5830, CVE-2019-5831, CVE-2019-5832, CVE-2019-5833, CVE-2019-5834, CVE-2019-5836, CVE-2019-5837, CVE-2019-5838, CVE-2019-5839, CVE-2019-5840, CVE-2019-5842, CVE-2019-5847, CVE-2019-5848, CVE-2019-5849, CVE-2019-5850, CVE-2019-5851, CVE-2019-5852, CVE-2019-5853, CVE-2019-5854, CVE-2019-5855, CVE-2019-5856, CVE-2019-5857, CVE-2019-5858, CVE-2019-5859, CVE-2019-5860, CVE-2019-5861, CVE-2019-5862, CVE-2019-5864, CVE-2019-5865, CVE-2019-5867, CVE-2019-5868.
More information:

Several vulnerabilities have been discovered in the chromium web browser.

  • CVE-2019-5805

    A use-after-free issue was discovered in the pdfium library.

  • CVE-2019-5806

    Wen Xu discovered an integer overflow issue in the Angle library.

  • CVE-2019-5807

    TimGMichaud discovered a memory corruption issue in the v8 javascript library.

  • CVE-2019-5808

    cloudfuzzer discovered a use-after-free issue in Blink/Webkit.

  • CVE-2019-5809

    Mark Brand discovered a use-after-free issue in Blink/Webkit.

  • CVE-2019-5810

    Mark Amery discovered an information disclosure issue.

  • CVE-2019-5811

    Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.

  • CVE-2019-5813

    Aleksandar Nikolic discovered an out-of-bounds read issue in the v8 javascript library.

  • CVE-2019-5814

    @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource Sharing feature.

  • CVE-2019-5815

    Nicolas Grégoire discovered a buffer overflow issue in Blink/Webkit.

  • CVE-2019-5818

    Adrian Tolbaru discovered an uninitialized value issue.

  • CVE-2019-5819

    Svyat Mitin discovered an error in the developer tools.

  • CVE-2019-5820

    pdknsk discovered an integer overflow issue in the pdfium library.

  • CVE-2019-5821

    pdknsk discovered another integer overflow issue in the pdfium library.

  • CVE-2019-5822

    Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.

  • CVE-2019-5823

    David Erceg discovered a navigation error.

  • CVE-2019-5824

    leecraso and Guang Gong discovered an error in the media player.

  • CVE-2019-5825

    Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an out-of-bounds write issue in the v8 javascript library.

  • CVE-2019-5826

    Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a use-after-free issue.

  • CVE-2019-5827

    mlfbrown discovered an out-of-bounds read issue in the sqlite library.

  • CVE-2019-5828

    leecraso and Guang Gong discovered a use-after-free issue.

  • CVE-2019-5829

    Lucas Pinheiro discovered a use-after-free issue.

  • CVE-2019-5830

    Andrew Krashichkov discovered a credential error in the Cross-Origin Resource Sharing feature.

  • CVE-2019-5831

    yngwei discovered a map error in the v8 javascript library.

  • CVE-2019-5832

    Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing feature.

  • CVE-2019-5833

    Khalil Zhani discovered a user interface error.

  • CVE-2019-5834

    Khalil Zhani discovered a URL spoofing issue.

  • CVE-2019-5836

    Omair discovered a buffer overflow issue in the Angle library.

  • CVE-2019-5837

    Adam Iawniuk discovered an information disclosure issue.

  • CVE-2019-5838

    David Erceg discovered an error in extension permissions.

  • CVE-2019-5839

    Masato Kinugawa discovered implementation errors in Blink/Webkit.

  • CVE-2019-5840

    Eliya Stein and Jerome Dangu discovered a way to bypass the popup blocker.

  • CVE-2019-5842

    BUGFENSE discovered a use-after-free issue in Blink/Webkit.

  • CVE-2019-5847

    m3plex discovered an error in the v8 javascript library.

  • CVE-2019-5848

    Mark Amery discovered an information disclosure issue.

  • CVE-2019-5849

    Zhen Zhou discovered an out-of-bounds read in the Skia library.

  • CVE-2019-5850

    Brendon Tiszka discovered a use-after-free issue in the offline page fetcher.

  • CVE-2019-5851

    Zhe Jin discovered a use-after-poison issue.

  • CVE-2019-5852

    David Erceg discovered an information disclosure issue.

  • CVE-2019-5853

    Yngwei and sakura discovered a memory corruption issue.

  • CVE-2019-5854

    Zhen Zhou discovered an integer overflow issue in the pdfium library.

  • CVE-2019-5855

    Zhen Zhou discovered an integer overflow issue in the pdfium library.

  • CVE-2019-5856

    Yongke Wang discovered an error related to file system URL permissions.

  • CVE-2019-5857

    cloudfuzzer discovered a way to crash chromium.

  • CVE-2019-5858

    evil1m0 discovered an information disclosure issue.

  • CVE-2019-5859

    James Lee discovered a way to launch alternative browsers.

  • CVE-2019-5860

    A use-after-free issue was discovered in the v8 javascript library.

  • CVE-2019-5861

    Robin Linus discovered an error determining click location.

  • CVE-2019-5862

    Jun Kokatsu discovered an error in the AppCache implementation.

  • CVE-2019-5864

    Devin Grindle discovered an error in the Cross-Origin Resourse Sharing feature for extensions.

  • CVE-2019-5865

    Ivan Fratric discovered a way to bypass the site isolation feature.

  • CVE-2019-5867

    Lucas Pinheiro discovered an out-of-bounds read issue in the v8 javascript library.

  • CVE-2019-5868

    banananapenguin discovered a use-after-free issue in the v8 javascript library.

For the stable distribution (buster), these problems have been fixed in version 76.0.3809.100-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started