Moderate severityCISA KEVNVD Advisory· Published Jun 27, 2019· Updated Oct 21, 2025
CVE-2019-5786
CVE-2019-5786
Description
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
puppeteernpm | < 1.13.0 | 1.13.0 |
Affected products
6- ghsa-coords5 versionspkg:npm/puppeteerpkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015
< 1.13.0+ 4 more
- (no CPE)range: < 1.13.0
- (no CPE)range: < 72.0.3626.121-bp150.2.37.1
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 72.0.3626.121-bp150.2.37.1
- (no CPE)range: < 72.0.3626.121-bp150.2.37.1
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-c2gp-86p4-5935ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-5786ghsaADVISORY
- blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitationghsaWEB
- chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.htmlghsax_refsource_MISCWEB
- crbug.com/936448ghsax_refsource_MISCWEB
- github.com/GoogleChrome/puppeteer/issues/4141ghsaWEB
- snyk.io/vuln/SNYK-JS-PUPPETEER-174321ghsaWEB
- www.npmjs.com/advisories/824ghsaWEB
News mentions
0No linked articles in our index yet.