From f7a47df6d8be682de101cbedc9f356ea41f7eed9 Mon Sep 17 00:00:00 2001 From: Adrian Taylor Date: Fri, 3 Jan 2020 14:25:20 -0800 Subject: [PATCH] Remaining 2019 Chrome CVEs. --- 2019/13xxx/CVE-2019-13765.json | 68 ++++++++++++++++++++++++++++++++++ 2019/13xxx/CVE-2019-13766.json | 68 ++++++++++++++++++++++++++++++++++ 2019/5xxx/CVE-2019-5844.json | 66 +++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5845.json | 66 +++++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5846.json | 66 +++++++++++++++++++++++++++++---- 5 files changed, 310 insertions(+), 24 deletions(-) create mode 100644 2019/13xxx/CVE-2019-13765.json create mode 100644 2019/13xxx/CVE-2019-13766.json diff --git a/2019/13xxx/CVE-2019-13765.json b/2019/13xxx/CVE-2019-13765.json new file mode 100644 index 00000000000..f5bbb84c88e --- /dev/null +++ b/2019/13xxx/CVE-2019-13765.json @@ -0,0 +1,68 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13765", + "ASSIGNER": "security@google.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "78.0.3904.70", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html" + }, + { + "url": "https://crbug.com/1007194", + "refsource": "MISC", + "name": "https://crbug.com/1007194" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + } + ] + } +} diff --git a/2019/13xxx/CVE-2019-13766.json b/2019/13xxx/CVE-2019-13766.json new file mode 100644 index 00000000000..3c87439a54f --- /dev/null +++ b/2019/13xxx/CVE-2019-13766.json @@ -0,0 +1,68 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13766", + "ASSIGNER": "security@google.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "77.0.3865.75", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html" + }, + { + "url": "https://crbug.com/989969", + "refsource": "MISC", + "name": "https://crbug.com/989969" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + } + ] + } +} diff --git a/2019/5xxx/CVE-2019-5844.json b/2019/5xxx/CVE-2019-5844.json index 3323d99dcf6..76e009b817f 100644 --- a/2019/5xxx/CVE-2019-5844.json +++ b/2019/5xxx/CVE-2019-5844.json @@ -1,18 +1,68 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5844", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5844", + "ASSIGNER": "security@google.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "73.0.3683.75", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out of bounds memory access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html" + }, + { + "url": "https://crbug.com/915206", + "refsource": "MISC", + "name": "https://crbug.com/915206" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } -} \ No newline at end of file +} diff --git a/2019/5xxx/CVE-2019-5845.json b/2019/5xxx/CVE-2019-5845.json index a839c5a1d6e..5cb9d377f3f 100644 --- a/2019/5xxx/CVE-2019-5845.json +++ b/2019/5xxx/CVE-2019-5845.json @@ -1,18 +1,68 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5845", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5845", + "ASSIGNER": "security@google.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "73.0.3683.75", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out of bounds memory access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html" + }, + { + "url": "https://crbug.com/915197", + "refsource": "MISC", + "name": "https://crbug.com/915197" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } -} \ No newline at end of file +} diff --git a/2019/5xxx/CVE-2019-5846.json b/2019/5xxx/CVE-2019-5846.json index 68ee1404cce..33209a73789 100644 --- a/2019/5xxx/CVE-2019-5846.json +++ b/2019/5xxx/CVE-2019-5846.json @@ -1,18 +1,68 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5846", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5846", + "ASSIGNER": "security@google.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "73.0.3683.75", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out of bounds memory access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", + "refsource": "MISC", + "name": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html" + }, + { + "url": "https://crbug.com/915218", + "refsource": "MISC", + "name": "https://crbug.com/915218" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } -} \ No newline at end of file +}