[FEDORA-2019-05a780936d] Fedora 30: chromium
Severity
Critical
Affected Packages
1
CVEs
49
Update to 73.0.3683.75. Fixes large bucket of CVEs. CVE-2019-5754 CVE-2019-5782
CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759
CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764
CVE-2019-5765 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 CVE-2019-5769
CVE-2019-5770 CVE-2019-5771 CVE-2019-5772 CVE-2019-5773 CVE-2019-5774
CVE-2019-5775 CVE-2019-5776 CVE-2019-5777 CVE-2019-5778 CVE-2019-5779
CVE-2019-5780 CVE-2019-5781 CVE-2019-5784 CVE-2019-5786 CVE-2019-5787
CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792
CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797
CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803
Package | Affected Version |
---|---|
pkg:rpm/fedora/chromium?distro=fedora-30 | < 73.0.3683.75.2.fc30 |
- ID
- FEDORA-2019-05a780936d
- Severity
- critical
- Severity from
- CVE-2019-5759
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2019-05a780936d
- Published
-
2019-03-29T19:41:48
(5 years ago) - Modified
-
2019-03-29T19:41:48
(5 years ago) - Rights
- Copyright 2019 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2019-1229
- ALPINE:CVE-2019-5786
- ALPINE:CVE-2019-5798
- ASA-201902-3
- ASA-201903-1
- ASA-201903-8
- ASA-201905-8
- CISA-2022:0523
- DSA-4395-1
- DSA-4404-1
- DSA-4421-1
- DSA-4448-1
- DSA-4451-1
- ELSA-2019-1265
- ELSA-2019-1267
- ELSA-2019-1269
- ELSA-2019-1308
- ELSA-2019-1309
- ELSA-2019-1310
- FEDORA-2019-561eae4626
- GLSA-201903-23
- MFSA-2019-14
- MFSA-2019-15
- NPM:GHSA-C2GP-86P4-5935
- openSUSE-SU-2019:0204-1
- openSUSE-SU-2019:0206-1
- openSUSE-SU-2019:0216-1
- openSUSE-SU-2019:0298-1
- openSUSE-SU-2019:1062-1
- openSUSE-SU-2019:1534-1
- openSUSE-SU-2019:1664-1
- openSUSE-SU-2019:1666-1
- RHSA-2019:0309
- RHSA-2019:0396
- RHSA-2019:0481
- RHSA-2019:0708
- RHSA-2019:1265
- RHSA-2019:1267
- RHSA-2019:1269
- RHSA-2019:1308
- RHSA-2019:1309
- RHSA-2019:1310
- SSA:2019-141-01
- SUSE-SU-2019:1458-1
- USN-3997-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1688200 | Bug #1688200 - CVE-2019-5798 chromium-browser: Out of bounds read in Skia | https://bugzilla.redhat.com/show_bug.cgi?id=1688200 |
Bugzilla | 1688196 | Bug #1688196 - CVE-2019-5794 chromium-browser: Security UI spoofing | https://bugzilla.redhat.com/show_bug.cgi?id=1688196 |
Bugzilla | 1688191 | Bug #1688191 - CVE-2019-5789 chromium-browser: Use after free in WebMIDI | https://bugzilla.redhat.com/show_bug.cgi?id=1688191 |
Bugzilla | 1688202 | Bug #1688202 - CVE-2019-5800 chromium-browser: CSP bypass with blob URL | https://bugzilla.redhat.com/show_bug.cgi?id=1688202 |
Bugzilla | 1688201 | Bug #1688201 - CVE-2019-5799 chromium-browser: CSP bypass with blob URL | https://bugzilla.redhat.com/show_bug.cgi?id=1688201 |
Bugzilla | 1688205 | Bug #1688205 - CVE-2019-5803 chromium-browser: CSP bypass with Javascript URLs' | https://bugzilla.redhat.com/show_bug.cgi?id=1688205 |
Bugzilla | 1670759 | Bug #1670759 - CVE-2019-5775 chromium-browser: Insufficient policy enforcement in Omnibox | https://bugzilla.redhat.com/show_bug.cgi?id=1670759 |
Bugzilla | 1688193 | Bug #1688193 - CVE-2019-5791 chromium-browser: Type confusion in V8 | https://bugzilla.redhat.com/show_bug.cgi?id=1688193 |
Bugzilla | 1688192 | Bug #1688192 - CVE-2019-5790 chromium-browser: Heap buffer overflow in V8 | https://bugzilla.redhat.com/show_bug.cgi?id=1688192 |
Bugzilla | 1670763 | Bug #1670763 - CVE-2019-5779 chromium-browser: Insufficient policy enforcement in ServiceWorker | https://bugzilla.redhat.com/show_bug.cgi?id=1670763 |
Bugzilla | 1670752 | Bug #1670752 - CVE-2019-5768 chromium-browser: Insufficient policy enforcement in DevTools | https://bugzilla.redhat.com/show_bug.cgi?id=1670752 |
Bugzilla | 1670744 | Bug #1670744 - CVE-2019-5760 chromium-browser: Use after free in WebRTC | https://bugzilla.redhat.com/show_bug.cgi?id=1670744 |
Bugzilla | 1670756 | Bug #1670756 - CVE-2019-5772 chromium-browser: Use after free in PDFium | https://bugzilla.redhat.com/show_bug.cgi?id=1670756 |
Bugzilla | 1688206 | Bug #1688206 - CVE-2019-5804 chromium-browser: Command line command injection on Windows | https://bugzilla.redhat.com/show_bug.cgi?id=1688206 |
Bugzilla | 1688198 | Bug #1688198 - CVE-2019-5796 chromium-browser: Race condition in Extensions | https://bugzilla.redhat.com/show_bug.cgi?id=1688198 |
Bugzilla | 1670761 | Bug #1670761 - CVE-2019-5777 chromium-browser: Insufficient policy enforcement in Omnibox | https://bugzilla.redhat.com/show_bug.cgi?id=1670761 |
Bugzilla | 1670753 | Bug #1670753 - CVE-2019-5769 chromium-browser: Insufficient validation of untrusted input in Blink | https://bugzilla.redhat.com/show_bug.cgi?id=1670753 |
Bugzilla | 1670758 | Bug #1670758 - CVE-2019-5774 chromium-browser: Insufficient validation of untrusted input in SafeBrowsing | https://bugzilla.redhat.com/show_bug.cgi?id=1670758 |
Bugzilla | 1688199 | Bug #1688199 - CVE-2019-5797 chromium-browser: Race condition in DOMStorage | https://bugzilla.redhat.com/show_bug.cgi?id=1688199 |
Bugzilla | 1688204 | Bug #1688204 - CVE-2019-5802 chromium-browser: Security UI spoofing | https://bugzilla.redhat.com/show_bug.cgi?id=1688204 |
Bugzilla | 1685162 | Bug #1685162 - CVE-2019-5786 chromium-browser: Use-after-free in FileReader | https://bugzilla.redhat.com/show_bug.cgi?id=1685162 |
Bugzilla | 1688195 | Bug #1688195 - CVE-2019-5793 chromium-browser: Excessive permissions for private API in Extensions | https://bugzilla.redhat.com/show_bug.cgi?id=1688195 |
Bugzilla | 1670751 | Bug #1670751 - CVE-2019-5767 chromium-browser: Incorrect security UI in WebAPKs | https://bugzilla.redhat.com/show_bug.cgi?id=1670751 |
Bugzilla | 1688189 | Bug #1688189 - CVE-2019-5787 chromium-browser: Use after free in Canvas | https://bugzilla.redhat.com/show_bug.cgi?id=1688189 |
Bugzilla | 1670747 | Bug #1670747 - CVE-2019-5763 chromium-browser: Insufficient validation of untrusted input in V8 | https://bugzilla.redhat.com/show_bug.cgi?id=1670747 |
Bugzilla | 1670764 | Bug #1670764 - CVE-2019-5780 chromium-browser: Insufficient policy enforcement | https://bugzilla.redhat.com/show_bug.cgi?id=1670764 |
Bugzilla | 1688194 | Bug #1688194 - CVE-2019-5792 chromium-browser: Integer overflow in PDFium | https://bugzilla.redhat.com/show_bug.cgi?id=1688194 |
Bugzilla | 1670757 | Bug #1670757 - CVE-2019-5773 chromium-browser: Insufficient data validation in IndexedDB | https://bugzilla.redhat.com/show_bug.cgi?id=1670757 |
Bugzilla | 1670750 | Bug #1670750 - CVE-2019-5766 chromium-browser: Insufficient policy enforcement in Canvas | https://bugzilla.redhat.com/show_bug.cgi?id=1670750 |
Bugzilla | 1688203 | Bug #1688203 - CVE-2019-5801 chromium-browser: Incorrect Omnibox display on iOS | https://bugzilla.redhat.com/show_bug.cgi?id=1688203 |
Bugzilla | 1670745 | Bug #1670745 - CVE-2019-5761 chromium-browser: Use after free in SwiftShader | https://bugzilla.redhat.com/show_bug.cgi?id=1670745 |
Bugzilla | 1670737 | Bug #1670737 - CVE-2019-5754 chromium-browser: Inappropriate implementation in QUIC Networking | https://bugzilla.redhat.com/show_bug.cgi?id=1670737 |
Bugzilla | 1670760 | Bug #1670760 - CVE-2019-5776 chromium-browser: Insufficient policy enforcement in Omnibox | https://bugzilla.redhat.com/show_bug.cgi?id=1670760 |
Bugzilla | 1670755 | Bug #1670755 - CVE-2019-5771 chromium-browser: Heap buffer overflow in SwiftShader | https://bugzilla.redhat.com/show_bug.cgi?id=1670755 |
Bugzilla | 1676527 | Bug #1676527 - CVE-2019-5784 chromium-browser: Inappropriate implementation in V8 | https://bugzilla.redhat.com/show_bug.cgi?id=1676527 |
Bugzilla | 1670743 | Bug #1670743 - CVE-2019-5759 chromium-browser: Use after free in HTML select elements | https://bugzilla.redhat.com/show_bug.cgi?id=1670743 |
Bugzilla | 1670741 | Bug #1670741 - CVE-2019-5757 chromium-browser: Type Confusion in SVG | https://bugzilla.redhat.com/show_bug.cgi?id=1670741 |
Bugzilla | 1670742 | Bug #1670742 - CVE-2019-5758 chromium-browser: Use after free in Blink | https://bugzilla.redhat.com/show_bug.cgi?id=1670742 |
Bugzilla | 1688197 | Bug #1688197 - CVE-2019-5795 chromium-browser: Integer overflow in PDFium | https://bugzilla.redhat.com/show_bug.cgi?id=1688197 |
Bugzilla | 1670739 | Bug #1670739 - CVE-2019-5755 chromium-browser: Inappropriate implementation in V8 | https://bugzilla.redhat.com/show_bug.cgi?id=1670739 |
Bugzilla | 1670748 | Bug #1670748 - CVE-2019-5764 chromium-browser: Use after free in WebRTC | https://bugzilla.redhat.com/show_bug.cgi?id=1670748 |
Bugzilla | 1688190 | Bug #1688190 - CVE-2019-5788 chromium-browser: Use after free in FileAPI | https://bugzilla.redhat.com/show_bug.cgi?id=1688190 |
Bugzilla | 1670740 | Bug #1670740 - CVE-2019-5756 chromium-browser: Use after free in PDFium | https://bugzilla.redhat.com/show_bug.cgi?id=1670740 |
Bugzilla | 1670746 | Bug #1670746 - CVE-2019-5762 chromium-browser: Use after free in PDFium | https://bugzilla.redhat.com/show_bug.cgi?id=1670746 |
Bugzilla | 1670749 | Bug #1670749 - CVE-2019-5765 chromium-browser: Insufficient policy enforcement in the browser | https://bugzilla.redhat.com/show_bug.cgi?id=1670749 |
Bugzilla | 1670762 | Bug #1670762 - CVE-2019-5778 chromium-browser: Insufficient policy enforcement in Extensions | https://bugzilla.redhat.com/show_bug.cgi?id=1670762 |
Bugzilla | 1670738 | Bug #1670738 - CVE-2019-5782 chromium-browser: Inappropriate implementation in V8 | https://bugzilla.redhat.com/show_bug.cgi?id=1670738 |
Bugzilla | 1670754 | Bug #1670754 - CVE-2019-5770 chromium-browser: Heap buffer overflow in WebGL | https://bugzilla.redhat.com/show_bug.cgi?id=1670754 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/chromium?distro=fedora-30 | fedora | chromium | < 73.0.3683.75.2.fc30 | fedora-30 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |