rpm package
suse/chromium&distro=SUSE Package Hub 15
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015
Vulnerabilities (210)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-5763 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5762 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | ||
| CVE-2019-5761 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5760 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5759 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2019-5758 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5757 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | ||
| CVE-2019-5756 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | ||
| CVE-2019-5755 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | ||
| CVE-2019-5754 | — | < 72.0.3626.96-bp150.2.32.1 | 72.0.3626.96-bp150.2.32.1 | Feb 19, 2019 | Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. |
- CVE-2019-5763Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2019-5762Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
- CVE-2019-5761Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2019-5760Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2019-5759Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2019-5758Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2019-5757Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
- CVE-2019-5756Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
- CVE-2019-5755Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
- CVE-2019-5754Feb 19, 2019affected < 72.0.3626.96-bp150.2.32.1fixed 72.0.3626.96-bp150.2.32.1
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.
Page 11 of 11