Lucene search

K

ChromeCVELIST:CVE-2019-13763

HistoryDec 10, 2019 - 9:01 p.m.

CVE-2019-13763

2019-12-1021:01:57

Chrome

www.cve.org

1

4.9 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "79.0.3945.79",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html

lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html

access.redhat.com/errata/RHSA-2019:4238

chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html

crbug.com/1011600

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/

seclists.org/bugtraq/2020/Jan/27

security.gentoo.org/glsa/202003-08

www.debian.org/security/2020/dsa-4606

4.9 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

Related for CVELIST:CVE-2019-13763

prion1 ubuntucve1 debiancve1 redhatcve1 nvd1 cve1 openvas8 nessus8 fedora2 kaspersky2 chrome1 suse2 redhat1 debian2 mageia1 osv1 gentoo1