Description: | Summary: The remote host is missing an update for the 'chromium' package(s) announced via the DSA-4500-1 advisory.
Vulnerability Insight: Several vulnerabilities have been discovered in the chromium web browser.
CVE-2019-5805 A use-after-free issue was discovered in the pdfium library.
CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library.
CVE-2019-5807 TimGMichaud discovered a memory corruption issue in the v8 javascript library.
CVE-2019-5808 cloudfuzzer discovered a use-after-free issue in Blink/Webkit.
CVE-2019-5809 Mark Brand discovered a use-after-free issue in Blink/Webkit.
CVE-2019-5810 Mark Amery discovered an information disclosure issue.
CVE-2019-5811 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.
CVE-2019-5813 Aleksandar Nikolic discovered an out-of-bounds read issue in the v8 javascript library.
CVE-2019-5814 @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource Sharing feature.
CVE-2019-5815 Nicolas Grégoire discovered a buffer overflow issue in Blink/Webkit.
CVE-2019-5818 Adrian Tolbaru discovered an uninitialized value issue.
CVE-2019-5819 Svyat Mitin discovered an error in the developer tools.
CVE-2019-5820 pdknsk discovered an integer overflow issue in the pdfium library.
CVE-2019-5821 pdknsk discovered another integer overflow issue in the pdfium library.
CVE-2019-5822 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.
CVE-2019-5823 David Erceg discovered a navigation error.
CVE-2019-5824 leecraso and Guang Gong discovered an error in the media player.
CVE-2019-5825 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an out-of-bounds write issue in the v8 javascript library.
CVE-2019-5826 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a use-after-free issue.
CVE-2019-5827 mlfbrown discovered an out-of-bounds read issue in the sqlite library.
CVE-2019-5828 leecraso and Guang Gong discovered a use-after-free issue.
CVE-2019-5829 Lucas Pinheiro discovered a use-after-free issue.
CVE-2019-5830 Andrew Krashichkov discovered a credential error in the Cross-Origin Resource Sharing feature.
CVE-2019-5831 yngwei discovered a map error in the v8 javascript library.
CVE-2019-5832 Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing feature.
CVE-2019-5833 Khalil Zhani discovered a user interface error.
CVE-2019-5834 Khalil Zhani discovered a URL spoofing issue.
CVE-2019-5836 Omair discovered a buffer overflow issue in the Angle library.
CVE-2019-5837 Adam Iawniuk discovered an information disclosure issue.
CVE-2019-5838 David Erceg discovered an error in extension permissions.
CVE-2019-5839 Masato Kinugawa discovered implementat ...
Description truncated. Please see the references for more information.
Affected Software/OS: 'chromium' package(s) on Debian Linux.
Solution: For the stable distribution (buster), these problems have been fixed in version 76.0.3809.100-1~ deb10u1.
We recommend that you upgrade your chromium packages.
CVSS Score: 6.8
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
|