admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Batch of descriptions for various Chrome releases

Browse Source
This commit is contained in:
Andrew Whalley 2019-06-26 16:47:36 +01:00 committed by Nayan Chandni
parent a5cdd25b6c
commit 0b98036367
76 changed files with 3877 additions and 550 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
2017/15xxx/CVE-2017-15430.json
View File

@ -1,50 +1,42 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-15430",
"STATE": "PUBLIC"
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Google Chrome prior to 63.0.3239.84 unknown",
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "Google Chrome prior to 63.0.3239.84 unknown"
"version_value": "63.0.3239.84",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unsafe navigation in Chromecast in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unsafe Navigation"
"value": "Insufficient data validation"
}
]
}
@ -53,15 +45,19 @@
"references": {
"reference_data": [
{
"name": "https://crbug.com/780484",
"refsource": "MISC",
"url": "https://crbug.com/780484"
},
{
"name": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page."
}
]
}
}

59
2017/5xxx/CVE-2017-5028.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5028",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-5028",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "56.0.2924.76",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/653555"
},
{
"url": "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2018/16xxx/CVE-2018-16064.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16064",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16064",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/797461"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension."
}
]
}

59
2018/16xxx/CVE-2018-16069.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16069",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16069",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "69.0.3497.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/848238"
},
{
"url": "https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unintended floating-point error accumulation in SwiftShader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2018/16xxx/CVE-2018-16070.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16070",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16070",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "69.0.3497.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/848716"
},
{
"url": "https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2018/16xxx/CVE-2018-16073.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16073",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16073",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "69.0.3497.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/863069"
},
{
"url": "https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass site isolation via a crafted HTML page."
}
]
}

59
2018/16xxx/CVE-2018-16074.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16074",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16074",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "69.0.3497.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/863623"
},
{
"url": "https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass site isolation via a crafted HTML page."
}
]
}

59
2018/16xxx/CVE-2018-16075.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16075",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16075",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "69.0.3497.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/788936"
},
{
"url": "https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient file type enforcement in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain local file data via a crafted HTML page."
}
]
}

59
2018/16xxx/CVE-2018-16077.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16077",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16077",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "69.0.3497.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Object lifecycle issue"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/377995"
},
{
"url": "https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass content security policy via a crafted HTML page."
}
]
}

59
2018/16xxx/CVE-2018-16086.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16086",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16086",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "69.0.3497.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/844428"
},
{
"url": "https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension."
}
]
}

59
2018/17xxx/CVE-2018-17460.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17460",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-17460",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect security UI"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/696446"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data validation in filesystem URIs in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name."
}
]
}

59
2018/17xxx/CVE-2018-17478.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17478",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-17478",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "70.0.3538.102",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/897512"
},
{
"url": "https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page."
}
]
}

59
2018/17xxx/CVE-2018-17479.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17479",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-17479",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "70.0.3538.110",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/905336"
},
{
"url": "https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-chrome-os.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2018/20xxx/CVE-2018-20073.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20073",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-20073",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "72.0.3626.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/733943"
},
{
"url": "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem."
}
]
}

21
2018/5xxx/CVE-2018-5179.json
View File

@ -4,22 +4,22 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-5179",
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Firefox",
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "All versions prior to Firefox 60"
"version_value": "70.0.3538.67",
"version_affected": "<"
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "Covert Channel"
"value": "Insufficient policy enforcement"
}
]
}
@ -45,9 +45,10 @@
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/"
"url": "https://crbug.com/805496"
},
{
"url": "https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html"
}
]
},
@ -55,7 +56,7 @@
"description_data": [
{
"lang": "eng",
"value": "A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60."
"value": "Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to bypass service worker lifetime restrictions via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6118.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6118",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6118",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "66.0.3359.139",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/831963"
},
{
"url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop_26.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6121.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6121",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6121",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "66.0.3359.170 ",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/836858"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6128.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6128",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6128",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect security UI"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/841105"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect URL parsing in WebKit in Google Chrome on iOS prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6129.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6129",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6129",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/838672"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6130.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6130",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6130",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds read and write"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/838402"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect handling of object lifetimes in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6131.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6131",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6131",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Object lifecycle issue"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/826434"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6132.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6132",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6132",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uninitialized Use"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/839960"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file."
}
]
}

59
2018/6xxx/CVE-2018-6134.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6134",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6134",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/797465"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information leak in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6136.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6136",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6136",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/831943"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing type check in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6138.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6138",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6138",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/810220"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension."
}
]
}

59
2018/6xxx/CVE-2018-6142.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6142",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6142",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/837939"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file."
}
]
}

59
2018/6xxx/CVE-2018-6145.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6145",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6145",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.62",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/805924"
},
{
"url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data validation in HTML parser in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass same origin policy via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6148.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6148",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6148",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.79",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/845961"
},
{
"url": "https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6149.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6149",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6149",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "67.0.3396.87",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/848672"
},
{
"url": "https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop_12.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6150.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6150",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6150",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "66.0.3359.117",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/812667"
},
{
"url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6154.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6154",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6154",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/848914"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6155.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6155",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6155",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/842265"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file."
}
]
}

59
2018/6xxx/CVE-2018-6156.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6156",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6156",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/841962"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file."
}
]
}

59
2018/6xxx/CVE-2018-6157.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6157",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6157",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/840536"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file."
}
]
}

59
2018/6xxx/CVE-2018-6159.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6159",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6159",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/837275"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6161.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6161",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6161",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/826552"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6168.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6168",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6168",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/828265"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page."
}
]
}

59
2018/6xxx/CVE-2018-6171.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6171",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6171",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/851799"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension."
}
]
}

59
2018/6xxx/CVE-2018-6176.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6176",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6176",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/666824"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension."
}
]
}

59
2018/6xxx/CVE-2018-6177.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6177",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-6177",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "68.0.3440.75",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/826187"
},
{
"url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5784.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5784",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5784",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "72.0.3626.96",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/915975"
},
{
"url": "https://chromereleases.googleblog.com/2019/02/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect handling of deferred code in V8 in Google Chrome prior to 72.0.3626.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5785.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5785",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5785",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "72.0.3626.81",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/899689"
},
{
"url": "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5786.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5786",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5786",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "72.0.3626.121",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/936448"
},
{
"url": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5805.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5805",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5805",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/913320"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
}
]
}

59
2019/5xxx/CVE-2019-5806.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5806",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5806",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/943087"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5807.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5807",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5807",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Object lifecycle issue"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/945644"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5808.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5808",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5808",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/947029"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5809.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5809",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5809",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/941008"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5810.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5810",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5810",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Side-channel information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/916838"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5811.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5811",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5811",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/771815"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5812.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5812",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5812",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect security UI"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/925598"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5813.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5813",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5813",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/942699"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5814.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5814",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5814",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/930057"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5816.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5816",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5816",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/940245"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5817.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5817",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5817",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/943709"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5818.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5818",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5818",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uninitialized Use"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/929962"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file."
}
]
}

59
2019/5xxx/CVE-2019-5819.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5819",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5819",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/919356"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard."
}
]
}

59
2019/5xxx/CVE-2019-5820.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5820",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5820",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/919635"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
}
]
}

59
2019/5xxx/CVE-2019-5821.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5821",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5821",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/919640"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
}
]
}

59
2019/5xxx/CVE-2019-5822.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5822",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5822",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/926105"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5823.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5823",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5823",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.108",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/930154"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5824.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5824",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5824",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.131",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parameter passing error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/948564"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5827.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5827",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5827",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "74.0.3729.131",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/952406"
},
{
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5828.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5828",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5828",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/956597"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5829.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5829",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5829",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/958533"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5830.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5830",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5830",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/665766"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5831.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5831",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5831",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/950328"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5832.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5832",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5832",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/959390"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5833.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5833",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5833",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect security UI"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/945067"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5834.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5834",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5834",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/962368"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5835.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5835",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5835",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Object lifecycle issue"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/939239"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5836.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5836",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5836",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/947342"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5837.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5837",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5837",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Side-channel information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/918293"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
}
]
}

59
2019/5xxx/CVE-2019-5838.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5838",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5838",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/893087"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension."
}
]
}

59
2019/5xxx/CVE-2019-5839.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5839",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5839",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/925614"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL."
}
]
}

59
2019/5xxx/CVE-2019-5840.json
View File

@ -1,17 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5840",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5840",
"ASSIGNER": "chrome-cve-admin@google.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "75.0.3770.80",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect security UI"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/951782"
},
{
"url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
}
]
}