Google Chrome < M73 - FileSystemOperationRunner Use-After-Free
2019-03-19T00:00:00
ID EDB-ID:46571 Type exploitdb Reporter Exploit-DB Modified 2019-03-19T00:00:00
Description
There's a comment in FileSystemOperationRunner::BeginOperation
OperationID FileSystemOperationRunner::BeginOperation(
std::unique_ptr<FileSystemOperation> operation) {
OperationID id = next_operation_id_++;
// TODO(https://crbug.com/864351): Diagnostic to determine whether OperationID
// wrap-around is occurring in the wild.
DCHECK(operations_.find(id) == operations_.end());
// ! If id already in operations_, this will free operation
operations_.emplace(id, std::move(operation));
return id;
}
The id is an int, and it can wrap, and if it does this will cause a use-after-free in the browser process, since the normal usage of BeginOperation is the following:
OperationID FileSystemOperationRunner::Truncate(const FileSystemURL& url,
int64_t length,
StatusCallback callback) {
base::File::Error error = base::File::FILE_OK;
std::unique_ptr<FileSystemOperation> operation = base::WrapUnique(
file_system_context_->CreateFileSystemOperation(url, &error));
// ! take a raw pointer to the contents of the unique_ptr
FileSystemOperation* operation_raw = operation.get();
// ! call BeginOperation passing the move'd unique_ptr, freeing operation
OperationID id = BeginOperation(std::move(operation));
base::AutoReset<bool> beginning(&is_beginning_operation_, true);
if (!operation_raw) {
DidFinish(id, std::move(callback), error);
return id;
}
PrepareForWrite(id, url);
// ! use the raw free'd pointer here.
operation_raw->Truncate(url, length,
base::BindOnce(&FileSystemOperationRunner::DidFinish,
weak_ptr_, id, std::move(callback)));
return id;
}
I think that to trigger this, you'd need either a malformed blob in the blob registry, or access to the FileWriter api, so at present this would require a compromised renderer.
I've attached two PoCs that should trigger this issue; it looks like the runtime for either approach from javascript should take ~2 days on my machine. (I'd suggest patching the OperationId typedef to short to reproduce, unless you are extremely patient).
$ python ./copy_mojo_js_bindings.py /path/to/chrome/.../out/Asan/gen
$ python -m SimpleHTTPServer&
$ /ssd/chrome_trunk/src/out/Asan/chrome --enable-blink-features=MojoJS --user-data-dir=/tmp/aa 'http://localhost:8000/id_overflow_no_filewriter.html'
Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46571.zip
{"id": "EDB-ID:46571", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Google Chrome < M73 - FileSystemOperationRunner Use-After-Free", "description": "", "published": "2019-03-19T00:00:00", "modified": "2019-03-19T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/46571", "reporter": "Exploit-DB", "references": [], "cvelist": ["CVE-2019-5788"], "lastseen": "2019-03-19T19:06:05", "viewCount": 34, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-5788"]}, {"type": "zdt", "idList": ["1337DAY-ID-32385"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814870", "OPENVAS:1361412562310875626", "OPENVAS:1361412562310704421", "OPENVAS:1361412562310814869", "OPENVAS:1361412562310852346", "OPENVAS:1361412562310814868", "OPENVAS:1361412562310852598", "OPENVAS:1361412562310852369"]}, {"type": "archlinux", "idList": ["ASA-201903-8"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4421-1:57AB0"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2019-0708.NASL", "FEDORA_2019-561EAE4626.NASL", "OPENSUSE-2019-343.NASL", "OPENSUSE-2019-1062.NASL", "OPENSUSE-2019-1666.NASL", "DEBIAN_DSA-4421.NASL", "FEDORA_2019-05A780936D.NASL", "GOOGLE_CHROME_73_0_3683_75.NASL", "MACOSX_GOOGLE_CHROME_73_0_3683_75.NASL", "GENTOO_GLSA-201903-23.NASL"]}, {"type": "redhat", "idList": ["RHSA-2019:0708"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1062-1", "OPENSUSE-SU-2019:1666-1", "OPENSUSE-SU-2019:0343-1"]}, {"type": "kaspersky", "idList": ["KLA11436"]}, {"type": "gentoo", "idList": ["GLSA-201903-23"]}], "modified": "2019-03-19T19:06:05", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2019-03-19T19:06:05", "rev": 2}, "vulnersScore": 6.8}, "sourceHref": "https://www.exploit-db.com/download/46571", "sourceData": "There's a comment in FileSystemOperationRunner::BeginOperation\r\n\r\nOperationID FileSystemOperationRunner::BeginOperation(\r\n std::unique_ptr<FileSystemOperation> operation) {\r\n OperationID id = next_operation_id_++;\r\n\r\n // TODO(https://crbug.com/864351): Diagnostic to determine whether OperationID\r\n // wrap-around is occurring in the wild.\r\n DCHECK(operations_.find(id) == operations_.end());\r\n\r\n // ! If id already in operations_, this will free operation\r\n operations_.emplace(id, std::move(operation));\r\n return id;\r\n}\r\n\r\nThe id is an int, and it can wrap, and if it does this will cause a use-after-free in the browser process, since the normal usage of BeginOperation is the following:\r\n\r\nOperationID FileSystemOperationRunner::Truncate(const FileSystemURL& url,\r\n int64_t length,\r\n StatusCallback callback) {\r\n base::File::Error error = base::File::FILE_OK;\r\n std::unique_ptr<FileSystemOperation> operation = base::WrapUnique(\r\n file_system_context_->CreateFileSystemOperation(url, &error));\r\n // ! take a raw pointer to the contents of the unique_ptr\r\n FileSystemOperation* operation_raw = operation.get();\r\n // ! call BeginOperation passing the move'd unique_ptr, freeing operation\r\n OperationID id = BeginOperation(std::move(operation));\r\n base::AutoReset<bool> beginning(&is_beginning_operation_, true);\r\n if (!operation_raw) {\r\n DidFinish(id, std::move(callback), error);\r\n return id;\r\n }\r\n PrepareForWrite(id, url);\r\n // ! use the raw free'd pointer here.\r\n operation_raw->Truncate(url, length,\r\n base::BindOnce(&FileSystemOperationRunner::DidFinish,\r\n weak_ptr_, id, std::move(callback)));\r\n return id;\r\n}\r\n\r\nI think that to trigger this, you'd need either a malformed blob in the blob registry, or access to the FileWriter api, so at present this would require a compromised renderer.\r\n\r\nI've attached two PoCs that should trigger this issue; it looks like the runtime for either approach from javascript should take ~2 days on my machine. (I'd suggest patching the OperationId typedef to short to reproduce, unless you are extremely patient).\r\n\r\n$ python ./copy_mojo_js_bindings.py /path/to/chrome/.../out/Asan/gen\r\n$ python -m SimpleHTTPServer&\r\n$ /ssd/chrome_trunk/src/out/Asan/chrome --enable-blink-features=MojoJS --user-data-dir=/tmp/aa 'http://localhost:8000/id_overflow_no_filewriter.html'\r\n\r\n\r\nProof of Concept:\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46571.zip", "osvdbidlist": []}
{"cve": [{"lastseen": "2020-12-09T21:41:54", "description": "An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.", "edition": 15, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-23T20:29:00", "title": "CVE-2019-5788", "type": "cve", "cwe": ["CWE-190", "CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5788"], "modified": "2020-08-24T17:37:00", "cpe": [], "id": "CVE-2019-5788", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-5788", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}], "zdt": [{"lastseen": "2019-03-23T19:03:19", "description": "Exploit for multiple platform in category dos / poc", "edition": 1, "published": "2019-03-20T00:00:00", "title": "Google Chrome < M73 - FileSystemOperationRunner Use-After-Free Exploit", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-5788"], "modified": "2019-03-20T00:00:00", "id": "1337DAY-ID-32385", "href": "https://0day.today/exploit/description/32385", "sourceData": "Google Chrome < M73 - FileSystemOperationRunner Use-After-Free\r\n\r\nThere's a comment in FileSystemOperationRunner::BeginOperation\r\n\r\nOperationID FileSystemOperationRunner::BeginOperation(\r\n std::unique_ptr<FileSystemOperation> operation) {\r\n OperationID id = next_operation_id_++;\r\n\r\n // TODO(https://crbug.com/864351): Diagnostic to determine whether OperationID\r\n // wrap-around is occurring in the wild.\r\n DCHECK(operations_.find(id) == operations_.end());\r\n\r\n // ! If id already in operations_, this will free operation\r\n operations_.emplace(id, std::move(operation));\r\n return id;\r\n}\r\n\r\nThe id is an int, and it can wrap, and if it does this will cause a use-after-free in the browser process, since the normal usage of BeginOperation is the following:\r\n\r\nOperationID FileSystemOperationRunner::Truncate(const FileSystemURL& url,\r\n int64_t length,\r\n StatusCallback callback) {\r\n base::File::Error error = base::File::FILE_OK;\r\n std::unique_ptr<FileSystemOperation> operation = base::WrapUnique(\r\n file_system_context_->CreateFileSystemOperation(url, &error));\r\n // ! take a raw pointer to the contents of the unique_ptr\r\n FileSystemOperation* operation_raw = operation.get();\r\n // ! call BeginOperation passing the move'd unique_ptr, freeing operation\r\n OperationID id = BeginOperation(std::move(operation));\r\n base::AutoReset<bool> beginning(&is_beginning_operation_, true);\r\n if (!operation_raw) {\r\n DidFinish(id, std::move(callback), error);\r\n return id;\r\n }\r\n PrepareForWrite(id, url);\r\n // ! use the raw free'd pointer here.\r\n operation_raw->Truncate(url, length,\r\n base::BindOnce(&FileSystemOperationRunner::DidFinish,\r\n weak_ptr_, id, std::move(callback)));\r\n return id;\r\n}\r\n\r\nI think that to trigger this, you'd need either a malformed blob in the blob registry, or access to the FileWriter api, so at present this would require a compromised renderer.\r\n\r\nI've attached two PoCs that should trigger this issue; it looks like the runtime for either approach from javascript should take ~2 days on my machine. (I'd suggest patching the OperationId typedef to short to reproduce, unless you are extremely patient).\r\n\r\n$ python ./copy_mojo_js_bindings.py /path/to/chrome/.../out/Asan/gen\r\n$ python -m SimpleHTTPServer&\r\n$ /ssd/chrome_trunk/src/out/Asan/chrome --enable-blink-features=MojoJS --user-data-dir=/tmp/aa 'http://localhost:8000/id_overflow_no_filewriter.html'\r\n\r\n\r\nProof of Concept:\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46571.zip\r\n\r\n\n\n# 0day.today [2019-03-23] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/32385"}], "openvas": [{"lastseen": "2019-05-29T18:32:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "The remote host is missing an update for the ", "modified": "2019-04-26T00:00:00", "published": "2019-04-06T00:00:00", "id": "OPENVAS:1361412562310704421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704421", "type": "openvas", "title": "Debian Security Advisory DSA 4421-1 (chromium - security update)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704421\");\n script_version(\"2019-04-26T08:24:31+0000\");\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5802\", \"CVE-2019-5803\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-04-26 08:24:31 +0000 (Fri, 26 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-06 02:00:31 +0000 (Sat, 06 Apr 2019)\");\n script_name(\"Debian Security Advisory DSA 4421-1 (chromium - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4421.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4421-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the DSA-4421-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2019-5787\nZhe Jin discovered a use-after-free issue.\n\nCVE-2019-5788\nMark Brand discovered a use-after-free issue in the FileAPI\nimplementation.\n\nCVE-2019-5789\nMark Brand discovered a use-after-free issue in the WebMIDI\nimplementation.\n\nCVE-2019-5790\nDimitri Fourny discovered a buffer overflow issue in the v8 javascript\nlibrary.\n\nCVE-2019-5791\nChoongwoo Han discovered a type confusion issue in the v8 javascript\nlibrary.\n\nCVE-2019-5792\npdknsk discovered an integer overflow issue in the pdfium library.\n\nCVE-2019-5793\nJun Kokatsu discovered a permissions issue in the Extensions\nimplementation.\n\nCVE-2019-5794\nJuno Im of Theori discovered a user interface spoofing issue.\n\nCVE-2019-5795\npdknsk discovered an integer overflow issue in the pdfium library.\n\nCVE-2019-5796\nMark Brand discovered a race condition in the Extensions implementation.\n\nCVE-2019-5797\nMark Brand discovered a race condition in the DOMStorage implementation.\n\nCVE-2019-5798\nTran Tien Hung discovered an out-of-bounds read issue in the skia library.\n\nCVE-2019-5799\nsohalt discovered a way to bypass the Content Security Policy.\n\nCVE-2019-5800\nJun Kokatsu discovered a way to bypass the Content Security Policy.\n\nCVE-2019-5802\nRonni Skansing discovered a user interface spoofing issue.\n\nCVE-2019-5803\nAndrew Comminos discovered a way to bypass the Content Security Policy.\");\n\n script_tag(name:\"affected\", value:\"'chromium' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 73.0.3683.75-1~deb9u1.\n\nWe recommend that you upgrade your chromium packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"chromedriver\", ver:\"73.0.3683.75-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium\", ver:\"73.0.3683.75-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-driver\", ver:\"73.0.3683.75-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-l10n\", ver:\"73.0.3683.75-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-shell\", ver:\"73.0.3683.75-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"chromium-widevine\", ver:\"73.0.3683.75-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310814869", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814869", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop_12-2019-03)-MAC OS X", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814869\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\",\n \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\",\n \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\",\n \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\",\n \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-14 12:15:13 +0530 (Thu, 14 Mar 2019)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop_12-2019-03)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Use after free errors in Canvas, FileAPI, WebMIDI.\n\n - Heap buffer overflow error in V8.\n\n - Type confusion error in V8.\n\n - Integer overflow error in PDFium.\n\n - Excessive permissions for private API in Extensions.\n\n - Security UI spoofing.\n\n - Race condition in Extensions and DOMStorage.\n\n - Out of bounds read error in Skia.\n\n - CSP bypass errors with blob URL and Javascript URLs'.\n\n - Incorrect Omnibox display on iOS.\n\n - Command line command injection on Windows.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to execute arbitrary code, cause denial of service and spoofing attacks,\n and also take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 73.0.3683.75 on MAC OS X\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 73.0.3683.75 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\");\n script_xref(name:\"URL\", value:\"https://www.google.com/chrome\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_macosx.nasl\");\n script_mandatory_keys(\"GoogleChrome/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nchr_ver = infos['version'];\nchr_path = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"73.0.3683.75\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"73.0.3683.75\", install_path:chr_path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310814870", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814870", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop_12-2019-03)-Windows", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814870\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\",\n \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\",\n \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\",\n \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\",\n \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-14 12:16:02 +0530 (Thu, 14 Mar 2019)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop_12-2019-03)-Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Use after free errors in Canvas, FileAPI, WebMIDI.\n\n - Heap buffer overflow error in V8.\n\n - Type confusion error in V8.\n\n - Integer overflow error in PDFium.\n\n - Excessive permissions for private API in Extensions.\n\n - Security UI spoofing.\n\n - Race condition in Extensions and DOMStorage.\n\n - Out of bounds read error in Skia.\n\n - CSP bypass errors with blob URL and Javascript URLs'.\n\n - Incorrect Omnibox display on iOS.\n\n - Command line command injection on Windows.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to execute arbitrary code, cause denial of service and spoofing attacks,\n and also take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 73.0.3683.75 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 73.0.3683.75 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\");\n script_xref(name:\"URL\", value:\"https://www.google.com/chrome\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nchr_ver = infos['version'];\nchr_path = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"73.0.3683.75\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"73.0.3683.75\", install_path:chr_path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:53:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-04-03T00:00:00", "id": "OPENVAS:1361412562310852369", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852369", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1062-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852369\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\",\n \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\",\n \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\",\n \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\",\n \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-03 06:41:42 +0000 (Wed, 03 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1062-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1062-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00038.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the openSUSE-SU-2019:1062-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for chromium to version 73.0.3683.75 fixes the following\n issues:\n\n Security issues fixed (bsc#1129059):\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n\n - CVE-2019-5791: Fixed a type confusion in V8.\n\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5793: Fixed excessive permissions for private API in Extensions.\n\n - CVE-2019-5794: Fixed security UI spoofing.\n\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5796: Fixed a race condition in Extensions.\n\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5801: Fixed an incorrect Omnibox display on iOS.\n\n - CVE-2019-5802: Fixed security UI spoofing.\n\n - CVE-2019-5803: Fixed a CSP bypass with Javascript URLs'.\n\n - CVE-2019-5804: Fixed a command line injection on Windows.\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1062=1\");\n\n script_tag(name:\"affected\", value:\"'chromium' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~73.0.3683.75~lp150.206.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~73.0.3683.75~lp150.206.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~73.0.3683.75~lp150.206.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~73.0.3683.75~lp150.206.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~73.0.3683.75~lp150.206.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:51:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310852346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852346", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2019:0343-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852346\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-18 04:08:51 +0100 (Mon, 18 Mar 2019)\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2019:0343-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0343-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00025.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the openSUSE-SU-2019:0343-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for chromium to version\n 73.0.3683.75 fixes the following\n\n issues:\n\n Security issues fixed (bsc#1129059):\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n\n - CVE-2019-5791: Fixed a type confusion in V8.\n\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5793: Fixed excessive permissions for private API in Extensions.\n\n - CVE-2019-5794: Fixed security UI spoofing.\n\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5796: Fixed a race condition in Extensions.\n\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5801: Fixed an incorrect Omnibox display on iOS.\n\n - CVE-2019-5802: Fixed security UI spoofing.\n\n - CVE-2019-5803: Fixed a CSP bypass with Javascript URLs'.\n\n - CVE-2019-5804: Fixed a command line injection on Windows.\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-343=1\");\n\n script_tag(name:\"affected\", value:\"chromium on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~73.0.3683.75~205.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~73.0.3683.75~205.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~73.0.3683.75~205.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~73.0.3683.75~205.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~73.0.3683.75~205.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310814868", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814868", "type": "openvas", "title": "Google Chrome Security Updates(stable-channel-update-for-desktop_12-2019-03)-Linux", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\n\nCPE = \"cpe:/a:google:chrome\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814868\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\",\n \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\",\n \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\",\n \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\",\n \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-14 12:14:20 +0530 (Thu, 14 Mar 2019)\");\n script_name(\"Google Chrome Security Updates(stable-channel-update-for-desktop_12-2019-03)-Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Google Chrome\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Use after free errors in Canvas, FileAPI, WebMIDI.\n\n - Heap buffer overflow error in V8.\n\n - Type confusion error in V8.\n\n - Integer overflow error in PDFium.\n\n - Excessive permissions for private API in Extensions.\n\n - Security UI spoofing.\n\n - Race condition in Extensions and DOMStorage.\n\n - Out of bounds read error in Skia.\n\n - CSP bypass errors with blob URL and Javascript URLs'.\n\n - Incorrect Omnibox display on iOS.\n\n - Command line command injection on Windows.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote\n attacker to execute arbitrary code, cause denial of service and spoofing attacks,\n and also take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 73.0.3683.75 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Google Chrome version 73.0.3683.75 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\");\n script_xref(name:\"URL\", value:\"https://www.google.com/chrome\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nchr_ver = infos['version'];\nchr_path = infos['location'];\n\nif(version_is_less(version:chr_ver, test_version:\"73.0.3683.75\"))\n{\n report = report_fixed_ver(installed_version:chr_ver, fixed_version:\"73.0.3683.75\", install_path:chr_path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5766", "CVE-2019-5769", "CVE-2019-5758", "CVE-2019-5761", "CVE-2019-5767", "CVE-2019-5777", "CVE-2019-5772", "CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5763", "CVE-2019-5771", "CVE-2019-5803", "CVE-2019-5776", "CVE-2019-5764", "CVE-2019-5755", "CVE-2019-5792", "CVE-2019-5762", "CVE-2019-5757", "CVE-2019-5768", "CVE-2019-5754", "CVE-2019-5782", "CVE-2019-5801", "CVE-2019-5779", "CVE-2019-5756", "CVE-2019-5793", "CVE-2019-5770", "CVE-2019-5778", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5786", "CVE-2019-5799", "CVE-2019-5775", "CVE-2019-5773", "CVE-2019-5796", "CVE-2019-5780", "CVE-2019-5791", "CVE-2019-5784", "CVE-2019-5765", "CVE-2019-5781", "CVE-2019-5759", "CVE-2019-5790", "CVE-2019-5760", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787", "CVE-2019-5774"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875626", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875626", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2019-561eae4626", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875626\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-5754\", \"CVE-2019-5782\", \"CVE-2019-5755\", \"CVE-2019-5756\", \"CVE-2019-5757\", \"CVE-2019-5758\", \"CVE-2019-5759\", \"CVE-2019-5760\", \"CVE-2019-5761\", \"CVE-2019-5762\", \"CVE-2019-5763\", \"CVE-2019-5764\", \"CVE-2019-5765\", \"CVE-2019-5766\", \"CVE-2019-5767\", \"CVE-2019-5768\", \"CVE-2019-5769\", \"CVE-2019-5770\", \"CVE-2019-5771\", \"CVE-2019-5772\", \"CVE-2019-5773\", \"CVE-2019-5774\", \"CVE-2019-5775\", \"CVE-2019-5776\", \"CVE-2019-5777\", \"CVE-2019-5778\", \"CVE-2019-5779\", \"CVE-2019-5780\", \"CVE-2019-5781\", \"CVE-2019-5784\", \"CVE-2019-5786\", \"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\", \"CVE-2019-5801\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:12:35 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for chromium FEDORA-2019-561eae4626\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-561eae4626\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQOP53LXXPRGD4N5OBKGQTSMFXT32LF6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the FEDORA-2019-561eae4626 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium is an open-source web browser, powered by WebKit (Blink).\");\n\n script_tag(name:\"affected\", value:\"'chromium' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~73.0.3683.75~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:51:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5836", "CVE-2019-5834", "CVE-2019-5831", "CVE-2019-5816", "CVE-2019-5808", "CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5805", "CVE-2019-5822", "CVE-2019-5833", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5813", "CVE-2019-5829", "CVE-2019-5810", "CVE-2019-5819", "CVE-2019-5837", "CVE-2019-5812", "CVE-2019-5832", "CVE-2019-5824", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5818", "CVE-2019-5804", "CVE-2019-5809", "CVE-2019-5797", "CVE-2019-5820", "CVE-2019-5798", "CVE-2019-5807", "CVE-2019-5842", "CVE-2019-5795", "CVE-2019-5821", "CVE-2019-5839", "CVE-2019-5835", "CVE-2019-5799", "CVE-2019-5838", "CVE-2019-5815", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5840", "CVE-2019-5811", "CVE-2019-5828", "CVE-2019-5817", "CVE-2019-5790", "CVE-2019-5806", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5830", "CVE-2019-5827", "CVE-2019-5788", "CVE-2019-5814", "CVE-2019-5823", "CVE-2019-5787"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-06-29T00:00:00", "id": "OPENVAS:1361412562310852598", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852598", "type": "openvas", "title": "openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1666-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852598\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\",\n \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\",\n \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\",\n \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\",\n \"CVE-2019-5803\", \"CVE-2019-5804\", \"CVE-2019-5805\", \"CVE-2019-5806\",\n \"CVE-2019-5807\", \"CVE-2019-5808\", \"CVE-2019-5809\", \"CVE-2019-5810\",\n \"CVE-2019-5811\", \"CVE-2019-5812\", \"CVE-2019-5813\", \"CVE-2019-5814\",\n \"CVE-2019-5815\", \"CVE-2019-5816\", \"CVE-2019-5817\", \"CVE-2019-5818\",\n \"CVE-2019-5819\", \"CVE-2019-5820\", \"CVE-2019-5821\", \"CVE-2019-5822\",\n \"CVE-2019-5823\", \"CVE-2019-5824\", \"CVE-2019-5827\", \"CVE-2019-5828\",\n \"CVE-2019-5829\", \"CVE-2019-5830\", \"CVE-2019-5831\", \"CVE-2019-5832\",\n \"CVE-2019-5833\", \"CVE-2019-5834\", \"CVE-2019-5835\", \"CVE-2019-5836\",\n \"CVE-2019-5837\", \"CVE-2019-5838\", \"CVE-2019-5839\", \"CVE-2019-5840\",\n \"CVE-2019-5842\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-29 02:01:15 +0000 (Sat, 29 Jun 2019)\");\n script_name(\"openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1666-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSELeap42\\.3|openSUSELeap15\\.0)\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1666-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the openSUSE-SU-2019:1666-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for chromium fixes the following issues:\n\n Chromium was updated to 75.0.3770.90 (boo#1137332 boo#1138287):\n\n * CVE-2019-5842: Use-after-free in Blink.\n\n\n Also updated to 75.0.3770.80 boo#1137332:\n\n * CVE-2019-5828: Use after free in ServiceWorker\n\n * CVE-2019-5829: Use after free in Download Manager\n\n * CVE-2019-5830: Incorrectly credentialed requests in CORS\n\n * CVE-2019-5831: Incorrect map processing in V8\n\n * CVE-2019-5832: Incorrect CORS handling in XHR\n\n * CVE-2019-5833: Inconsistent security UI placemen\n\n * CVE-2019-5835: Out of bounds read in Swiftshader\n\n * CVE-2019-5836: Heap buffer overflow in Angle\n\n * CVE-2019-5837: Cross-origin resources size disclosure in Appcache\n\n * CVE-2019-5838: Overly permissive tab access in Extensions\n\n * CVE-2019-5839: Incorrect handling of certain code points in Blink\n\n * CVE-2019-5840: Popup blocker bypass\n\n * Various fixes from internal audits, fuzzing and other initiatives\n\n * CVE-2019-5834: URL spoof in Omnibox on iOS\n\n Update to 74.0.3729.169:\n\n * Feature fixes update only\n\n Update to 74.0.3729.157:\n\n * Various security fixes from internal audits, fuzzing and other\n initiatives\n\n Includes security fixes from 74.0.3729.131 (boo#1134218):\n\n * CVE-2019-5827: Out-of-bounds access in SQLite\n\n * CVE-2019-5824: Parameter passing error in media player\n\n Update to 74.0.3729.108 boo#1133313:\n\n * CVE-2019-5805: Use after free in PDFium\n\n * CVE-2019-5806: Integer overflow in Angle\n\n * CVE-2019-5807: Memory corruption in V8\n\n * CVE-2019-5808: Use after free in Blink\n\n * CVE-2019-5809: Use after free in Blink\n\n * CVE-2019-5810: User information disclosure in Autofill\n\n * CVE-2019-5811: CORS bypass in Blink\n\n * CVE-2019-5813: Out of bounds read in V8\n\n * CVE-2019-5814: CORS bypass in Blink\n\n * CVE-2019-5815: Heap buffer overflow in Blink\n\n * CVE-2019-5818: Uninitialized value in media reader\n\n * CVE-2019-5819: Incorrect escaping in developer tools\n\n * CVE-2019-5820: Integer overflow in PDFium\n\n * CVE-2019-5821: Integer overflow in PDFium\n\n * CVE-2019-5822: CORS bypass in download manager\n\n * CVE-2019-5823: Forced navigation from service worker\n\n * CVE-2019-5812: URL spoof in Omnibox on iOS\n\n * CVE-2019-5816: Exploit persistence extension on Android\n\n * CVE-2019-5817: Heap buffer overflow in Angle on Windows\n\n Update to 73.0.3686.103:\n\n * Various feature fixes\n\n Update to 73.0.3683.86:\n\n * Just feature fixes around\n\n - Update conditions to use system harfbuzz on TW+\n\n - Require java during build\n\n - Enable using pipewire when available\n\n - Rebase chromium-vaapi.patch to match up the Fedora one\n\n Update to 73 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'chromium' package(s) on openSUSE Leap 42.3, openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~75.0.3770.90~217.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~75.0.3770.90~217.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~75.0.3770.90~217.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~75.0.3770.90~217.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~75.0.3770.90~217.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver\", rpm:\"chromedriver~75.0.3770.90~lp150.218.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromedriver-debuginfo\", rpm:\"chromedriver-debuginfo~75.0.3770.90~lp150.218.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~75.0.3770.90~lp150.218.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debuginfo\", rpm:\"chromium-debuginfo~75.0.3770.90~lp150.218.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium-debugsource\", rpm:\"chromium-debugsource~75.0.3770.90~lp150.218.4\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T01:50:19", "description": "Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2019-5787\n Zhe Jin discovered a use-after-free issue.\n\n - CVE-2019-5788\n Mark Brand discovered a use-after-free issue in the\n FileAPI implementation.\n\n - CVE-2019-5789\n Mark Brand discovered a use-after-free issue in the\n WebMIDI implementation.\n\n - CVE-2019-5790\n Dimitri Fourny discovered a buffer overflow issue in the\n v8 JavaScript library.\n\n - CVE-2019-5791\n Choongwoo Han discovered a type confusion issue in the\n v8 JavaScript library.\n\n - CVE-2019-5792\n pdknsk discovered an integer overflow issue in the\n pdfium library.\n\n - CVE-2019-5793\n Jun Kokatsu discovered a permissions issue in the\n Extensions implementation.\n\n - CVE-2019-5794\n Juno Im of Theori discovered a user interface spoofing\n issue.\n\n - CVE-2019-5795\n pdknsk discovered an integer overflow issue in the\n pdfium library.\n\n - CVE-2019-5796\n Mark Brand discovered a race condition in the Extensions\n implementation.\n\n - CVE-2019-5797\n Mark Brand discovered a race condition in the DOMStorage\n implementation.\n\n - CVE-2019-5798\n Tran Tien Hung discovered an out-of-bounds read issue in\n the skia library.\n\n - CVE-2019-5799\n sohalt discovered a way to bypass the Content Security\n Policy.\n\n - CVE-2019-5800\n Jun Kokatsu discovered a way to bypass the Content\n Security Policy.\n\n - CVE-2019-5802\n Ronni Skansing discovered a user interface spoofing\n issue.\n\n - CVE-2019-5803\n Andrew Comminos discovered a way to bypass the Content\n Security Policy.", "edition": 16, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-04-01T00:00:00", "title": "Debian DSA-4421-1 : chromium - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4421.NASL", "href": "https://www.tenable.com/plugins/nessus/123533", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4421. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123533);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/05/29 10:47:07\");\n\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5802\", \"CVE-2019-5803\");\n script_xref(name:\"DSA\", value:\"4421\");\n\n script_name(english:\"Debian DSA-4421-1 : chromium - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the chromium web\nbrowser.\n\n - CVE-2019-5787\n Zhe Jin discovered a use-after-free issue.\n\n - CVE-2019-5788\n Mark Brand discovered a use-after-free issue in the\n FileAPI implementation.\n\n - CVE-2019-5789\n Mark Brand discovered a use-after-free issue in the\n WebMIDI implementation.\n\n - CVE-2019-5790\n Dimitri Fourny discovered a buffer overflow issue in the\n v8 JavaScript library.\n\n - CVE-2019-5791\n Choongwoo Han discovered a type confusion issue in the\n v8 JavaScript library.\n\n - CVE-2019-5792\n pdknsk discovered an integer overflow issue in the\n pdfium library.\n\n - CVE-2019-5793\n Jun Kokatsu discovered a permissions issue in the\n Extensions implementation.\n\n - CVE-2019-5794\n Juno Im of Theori discovered a user interface spoofing\n issue.\n\n - CVE-2019-5795\n pdknsk discovered an integer overflow issue in the\n pdfium library.\n\n - CVE-2019-5796\n Mark Brand discovered a race condition in the Extensions\n implementation.\n\n - CVE-2019-5797\n Mark Brand discovered a race condition in the DOMStorage\n implementation.\n\n - CVE-2019-5798\n Tran Tien Hung discovered an out-of-bounds read issue in\n the skia library.\n\n - CVE-2019-5799\n sohalt discovered a way to bypass the Content Security\n Policy.\n\n - CVE-2019-5800\n Jun Kokatsu discovered a way to bypass the Content\n Security Policy.\n\n - CVE-2019-5802\n Ronni Skansing discovered a user interface spoofing\n issue.\n\n - CVE-2019-5803\n Andrew Comminos discovered a way to bypass the Content\n Security Policy.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-5803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/chromium\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/chromium\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4421\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 73.0.3683.75-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"chromedriver\", reference:\"73.0.3683.75-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium\", reference:\"73.0.3683.75-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-driver\", reference:\"73.0.3683.75-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-l10n\", reference:\"73.0.3683.75-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-shell\", reference:\"73.0.3683.75-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"chromium-widevine\", reference:\"73.0.3683.75-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-31T20:21:11", "description": "An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 73.0.3683.75.\n\nSecurity Fix(es) :\n\n* chromium-browser: Use after free in Canvas (CVE-2019-5787)\n\n* chromium-browser: Use after free in FileAPI (CVE-2019-5788)\n\n* chromium-browser: Use after free in WebMIDI (CVE-2019-5789)\n\n* chromium-browser: Heap buffer overflow in V8 (CVE-2019-5790)\n\n* chromium-browser: Type confusion in V8 (CVE-2019-5791)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-5792)\n\n* chromium-browser: Excessive permissions for private API in\nExtensions (CVE-2019-5793)\n\n* chromium-browser: Security UI spoofing (CVE-2019-5794)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-5795)\n\n* chromium-browser: Race condition in Extensions (CVE-2019-5796)\n\n* chromium-browser: Race condition in DOMStorage (CVE-2019-5797)\n\n* chromium-browser: Out of bounds read in Skia (CVE-2019-5798)\n\n* chromium-browser: CSP bypass with blob URL (CVE-2019-5799)\n\n* chromium-browser: CSP bypass with blob URL (CVE-2019-5800)\n\n* chromium-browser: Security UI spoofing (CVE-2019-5802)\n\n* chromium-browser: CSP bypass with JavaScript URLs (CVE-2019-5803)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 9, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-04-09T00:00:00", "title": "RHEL 6 : chromium-browser (RHSA-2019:0708)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "modified": "2019-04-09T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo", "p-cpe:/a:redhat:enterprise_linux:chromium-browser", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2019-0708.NASL", "href": "https://www.tenable.com/plugins/nessus/123914", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0708. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123914);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5802\", \"CVE-2019-5803\");\n script_xref(name:\"RHSA\", value:\"2019:0708\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2019:0708)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for chromium-browser is now available for Red Hat Enterprise\nLinux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nChromium is an open source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 73.0.3683.75.\n\nSecurity Fix(es) :\n\n* chromium-browser: Use after free in Canvas (CVE-2019-5787)\n\n* chromium-browser: Use after free in FileAPI (CVE-2019-5788)\n\n* chromium-browser: Use after free in WebMIDI (CVE-2019-5789)\n\n* chromium-browser: Heap buffer overflow in V8 (CVE-2019-5790)\n\n* chromium-browser: Type confusion in V8 (CVE-2019-5791)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-5792)\n\n* chromium-browser: Excessive permissions for private API in\nExtensions (CVE-2019-5793)\n\n* chromium-browser: Security UI spoofing (CVE-2019-5794)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-5795)\n\n* chromium-browser: Race condition in Extensions (CVE-2019-5796)\n\n* chromium-browser: Race condition in DOMStorage (CVE-2019-5797)\n\n* chromium-browser: Out of bounds read in Skia (CVE-2019-5798)\n\n* chromium-browser: CSP bypass with blob URL (CVE-2019-5799)\n\n* chromium-browser: CSP bypass with blob URL (CVE-2019-5800)\n\n* chromium-browser: Security UI spoofing (CVE-2019-5802)\n\n* chromium-browser: CSP bypass with JavaScript URLs (CVE-2019-5803)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5793\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-5803\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected chromium-browser and / or\nchromium-browser-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0708\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-73.0.3683.75-1.el6_10\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-73.0.3683.75-1.el6_10\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"chromium-browser-debuginfo-73.0.3683.75-1.el6_10\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"chromium-browser-debuginfo-73.0.3683.75-1.el6_10\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium-browser / chromium-browser-debuginfo\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:09:19", "description": "The version of Google Chrome installed on the remote Windows host is\nprior to 73.0.3683.75. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 2019_03_stable-channel-update-\nfor-desktop_12 advisory.\n\n - Use after free in Canvas. (CVE-2019-5787)\n\n - Use after free in FileAPI. (CVE-2019-5788)\n\n - Use after free in WebMIDI. (CVE-2019-5789)\n\n - Heap buffer overflow in V8. (CVE-2019-5790)\n\n - Type confusion in V8. (CVE-2019-5791)\n\n - Integer overflow in PDFium. (CVE-2019-5792,\n CVE-2019-5795)\n\n - Excessive permissions for private API in Extensions.\n (CVE-2019-5793)\n\n - Security UI spoofing. (CVE-2019-5794, CVE-2019-5802)\n\n - Race condition in Extensions. (CVE-2019-5796)\n\n - Race condition in DOMStorage. (CVE-2019-5797)\n\n - Out of bounds read in Skia. (CVE-2019-5798)\n\n - CSP bypass with blob URL. (CVE-2019-5799, CVE-2019-5800)\n\n - Incorrect Omnibox display on iOS. (CVE-2019-5801)\n\n - CSP bypass with Javascript URLs'. (CVE-2019-5803)\n\n - Command line command injection on Windows.\n (CVE-2019-5804)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 18, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-14T00:00:00", "title": "Google Chrome < 73.0.3683.75 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_73_0_3683_75.NASL", "href": "https://www.tenable.com/plugins/nessus/122853", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122853);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/10/30 13:24:47\");\n\n script_cve_id(\n \"CVE-2019-5787\",\n \"CVE-2019-5788\",\n \"CVE-2019-5789\",\n \"CVE-2019-5790\",\n \"CVE-2019-5791\",\n \"CVE-2019-5792\",\n \"CVE-2019-5793\",\n \"CVE-2019-5794\",\n \"CVE-2019-5795\",\n \"CVE-2019-5796\",\n \"CVE-2019-5797\",\n \"CVE-2019-5798\",\n \"CVE-2019-5799\",\n \"CVE-2019-5800\",\n \"CVE-2019-5801\",\n \"CVE-2019-5802\",\n \"CVE-2019-5803\",\n \"CVE-2019-5804\"\n );\n script_bugtraq_id(107363);\n\n script_name(english:\"Google Chrome < 73.0.3683.75 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is\nprior to 73.0.3683.75. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 2019_03_stable-channel-update-\nfor-desktop_12 advisory.\n\n - Use after free in Canvas. (CVE-2019-5787)\n\n - Use after free in FileAPI. (CVE-2019-5788)\n\n - Use after free in WebMIDI. (CVE-2019-5789)\n\n - Heap buffer overflow in V8. (CVE-2019-5790)\n\n - Type confusion in V8. (CVE-2019-5791)\n\n - Integer overflow in PDFium. (CVE-2019-5792,\n CVE-2019-5795)\n\n - Excessive permissions for private API in Extensions.\n (CVE-2019-5793)\n\n - Security UI spoofing. (CVE-2019-5794, CVE-2019-5802)\n\n - Race condition in Extensions. (CVE-2019-5796)\n\n - Race condition in DOMStorage. (CVE-2019-5797)\n\n - Out of bounds read in Skia. (CVE-2019-5798)\n\n - CSP bypass with blob URL. (CVE-2019-5799, CVE-2019-5800)\n\n - Incorrect Omnibox display on iOS. (CVE-2019-5801)\n\n - CSP bypass with Javascript URLs'. (CVE-2019-5803)\n\n - Command line command injection on Windows.\n (CVE-2019-5804)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1a2b6e84\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/913964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/925864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/921581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/914736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/926651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/914983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/937487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/935175\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/919643\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/918861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/916523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/883596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/905301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/894228\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/921390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/632514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/909865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/933004\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 73.0.3683.75 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5789\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\n\ngoogle_chrome_check_version(installs:installs, fix:'73.0.3683.75', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:51:02", "description": "This update for chromium to version 73.0.3683.75 fixes the following\nissues :\n\nSecurity issues fixed (bsc#1129059) :\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n\n - CVE-2019-5791: Fixed a type confusion in V8.\n\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5793: Fixed excessive permissions for private\n API in Extensions.\n\n - CVE-2019-5794: Fixed security UI spoofing.\n\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5796: Fixed a race condition in Extensions.\n\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5801: Fixed an incorrect Omnibox display on\n iOS.\n\n - CVE-2019-5802: Fixed security UI spoofing.\n\n - CVE-2019-5803: Fixed a CSP bypass with JavaScript URLs'.\n\n - CVE-2019-5804: Fixed a command line injection on\n Windows.\n\nRelease notes:\nhttps://chromereleases.googleblog.com/2019/03/stable-channel-update-fo\nr-desktop_12.html", "edition": 15, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-18T00:00:00", "title": "openSUSE Security Update : chromium (openSUSE-2019-343)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "modified": "2019-03-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromedriver", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:chromium-debuginfo"], "id": "OPENSUSE-2019-343.NASL", "href": "https://www.tenable.com/plugins/nessus/122888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-343.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122888);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2019-343)\");\n script_summary(english:\"Check for the openSUSE-2019-343 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for chromium to version 73.0.3683.75 fixes the following\nissues :\n\nSecurity issues fixed (bsc#1129059) :\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n\n - CVE-2019-5791: Fixed a type confusion in V8.\n\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5793: Fixed excessive permissions for private\n API in Extensions.\n\n - CVE-2019-5794: Fixed security UI spoofing.\n\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5796: Fixed a race condition in Extensions.\n\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5801: Fixed an incorrect Omnibox display on\n iOS.\n\n - CVE-2019-5802: Fixed security UI spoofing.\n\n - CVE-2019-5803: Fixed a CSP bypass with JavaScript URLs'.\n\n - CVE-2019-5804: Fixed a command line injection on\n Windows.\n\nRelease notes:\nhttps://chromereleases.googleblog.com/2019/03/stable-channel-update-fo\nr-desktop_12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1129059\"\n );\n # https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1a2b6e84\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-73.0.3683.75-205.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromedriver-debuginfo-73.0.3683.75-205.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-73.0.3683.75-205.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debuginfo-73.0.3683.75-205.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"chromium-debugsource-73.0.3683.75-205.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:40:27", "description": "This update for chromium to version 73.0.3683.75 fixes the following\nissues :\n\nSecurity issues fixed (bsc#1129059) :\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n\n - CVE-2019-5791: Fixed a type confusion in V8.\n\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5793: Fixed excessive permissions for private\n API in Extensions.\n\n - CVE-2019-5794: Fixed security UI spoofing.\n\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5796: Fixed a race condition in Extensions.\n\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5801: Fixed an incorrect Omnibox display on\n iOS.\n\n - CVE-2019-5802: Fixed security UI spoofing.\n\n - CVE-2019-5803: Fixed a CSP bypass with JavaScript URLs'.\n\n - CVE-2019-5804: Fixed a command line injection on\n Windows.\n\nRelease notes:\nhttps://chromereleases.googleblog.com/2019/03/stable-channel-update-fo\nr-desktop_12.html", "edition": 12, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-29T00:00:00", "title": "openSUSE Security Update : chromium (openSUSE-2019-1062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "modified": "2019-03-29T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium-debuginfo"], "id": "OPENSUSE-2019-1062.NASL", "href": "https://www.tenable.com/plugins/nessus/123492", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1062.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123492);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2019-1062)\");\n script_summary(english:\"Check for the openSUSE-2019-1062 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for chromium to version 73.0.3683.75 fixes the following\nissues :\n\nSecurity issues fixed (bsc#1129059) :\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n\n - CVE-2019-5791: Fixed a type confusion in V8.\n\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5793: Fixed excessive permissions for private\n API in Extensions.\n\n - CVE-2019-5794: Fixed security UI spoofing.\n\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n\n - CVE-2019-5796: Fixed a race condition in Extensions.\n\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n\n - CVE-2019-5801: Fixed an incorrect Omnibox display on\n iOS.\n\n - CVE-2019-5802: Fixed security UI spoofing.\n\n - CVE-2019-5803: Fixed a CSP bypass with JavaScript URLs'.\n\n - CVE-2019-5804: Fixed a command line injection on\n Windows.\n\nRelease notes:\nhttps://chromereleases.googleblog.com/2019/03/stable-channel-update-fo\nr-desktop_12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1129059\"\n );\n # https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1a2b6e84\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-73.0.3683.75-lp150.206.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromedriver-debuginfo-73.0.3683.75-lp150.206.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-73.0.3683.75-lp150.206.1\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debuginfo-73.0.3683.75-lp150.206.1\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"chromium-debugsource-73.0.3683.75-lp150.206.1\", allowmaj:TRUE) ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:33:54", "description": "The version of Google Chrome installed on the remote macOS host is\nprior to 73.0.3683.75. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 2019_03_stable-channel-update-\nfor-desktop_12 advisory.\n\n - Use after free in Canvas. (CVE-2019-5787)\n\n - Use after free in FileAPI. (CVE-2019-5788)\n\n - Use after free in WebMIDI. (CVE-2019-5789)\n\n - Heap buffer overflow in V8. (CVE-2019-5790)\n\n - Type confusion in V8. (CVE-2019-5791)\n\n - Integer overflow in PDFium. (CVE-2019-5792,\n CVE-2019-5795)\n\n - Excessive permissions for private API in Extensions.\n (CVE-2019-5793)\n\n - Security UI spoofing. (CVE-2019-5794, CVE-2019-5802)\n\n - Race condition in Extensions. (CVE-2019-5796)\n\n - Race condition in DOMStorage. (CVE-2019-5797)\n\n - Out of bounds read in Skia. (CVE-2019-5798)\n\n - CSP bypass with blob URL. (CVE-2019-5799, CVE-2019-5800)\n\n - Incorrect Omnibox display on iOS. (CVE-2019-5801)\n\n - CSP bypass with Javascript URLs'. (CVE-2019-5803)\n\n - Command line command injection on Windows.\n (CVE-2019-5804)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 18, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-14T00:00:00", "title": "Google Chrome < 73.0.3683.75 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_73_0_3683_75.NASL", "href": "https://www.tenable.com/plugins/nessus/122852", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122852);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/10/30 13:24:46\");\n\n script_cve_id(\n \"CVE-2019-5787\",\n \"CVE-2019-5788\",\n \"CVE-2019-5789\",\n \"CVE-2019-5790\",\n \"CVE-2019-5791\",\n \"CVE-2019-5792\",\n \"CVE-2019-5793\",\n \"CVE-2019-5794\",\n \"CVE-2019-5795\",\n \"CVE-2019-5796\",\n \"CVE-2019-5797\",\n \"CVE-2019-5798\",\n \"CVE-2019-5799\",\n \"CVE-2019-5800\",\n \"CVE-2019-5801\",\n \"CVE-2019-5802\",\n \"CVE-2019-5803\",\n \"CVE-2019-5804\"\n );\n script_bugtraq_id(107363);\n\n script_name(english:\"Google Chrome < 73.0.3683.75 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Google Chrome.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is\nprior to 73.0.3683.75. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 2019_03_stable-channel-update-\nfor-desktop_12 advisory.\n\n - Use after free in Canvas. (CVE-2019-5787)\n\n - Use after free in FileAPI. (CVE-2019-5788)\n\n - Use after free in WebMIDI. (CVE-2019-5789)\n\n - Heap buffer overflow in V8. (CVE-2019-5790)\n\n - Type confusion in V8. (CVE-2019-5791)\n\n - Integer overflow in PDFium. (CVE-2019-5792,\n CVE-2019-5795)\n\n - Excessive permissions for private API in Extensions.\n (CVE-2019-5793)\n\n - Security UI spoofing. (CVE-2019-5794, CVE-2019-5802)\n\n - Race condition in Extensions. (CVE-2019-5796)\n\n - Race condition in DOMStorage. (CVE-2019-5797)\n\n - Out of bounds read in Skia. (CVE-2019-5798)\n\n - CSP bypass with blob URL. (CVE-2019-5799, CVE-2019-5800)\n\n - Incorrect Omnibox display on iOS. (CVE-2019-5801)\n\n - CSP bypass with Javascript URLs'. (CVE-2019-5803)\n\n - Command line command injection on Windows.\n (CVE-2019-5804)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1a2b6e84\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/913964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/925864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/921581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/914736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/926651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/914983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/937487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/935175\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/919643\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/918861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/916523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/883596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/905301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/894228\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/921390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/632514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/909865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/933004\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 73.0.3683.75 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5789\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"MacOSX/Google Chrome/Installed\");\n\ngoogle_chrome_check_version(fix:'73.0.3683.75', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T02:57:07", "description": "The remote host is affected by the vulnerability described in GLSA-201903-23\n(Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google\n Chrome. Please review the referenced CVE identifiers and Google Chrome\n Releases for details.\n \nImpact :\n\n Please review the referenced CVE identifiers and Google Chrome Releases\n for details.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 16, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-28T00:00:00", "title": "GLSA-201903-23 : Chromium: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5786", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2018-17479", "CVE-2019-5788", "CVE-2019-5787"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:chromium"], "id": "GENTOO_GLSA-201903-23.NASL", "href": "https://www.tenable.com/plugins/nessus/123429", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-23.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123429);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/06/04 9:45:00\");\n\n script_cve_id(\"CVE-2018-17479\", \"CVE-2019-5786\", \"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_xref(name:\"GLSA\", value:\"201903-23\");\n\n script_name(english:\"GLSA-201903-23 : Chromium: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-23\n(Chromium: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google\n Chrome. Please review the referenced CVE identifiers and Google Chrome\n Releases for details.\n \nImpact :\n\n Please review the referenced CVE identifiers and Google Chrome Releases\n for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-73.0.3683.75'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 73.0.3683.75\"), vulnerable:make_list(\"lt 73.0.3683.75\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T02:23:31", "description": "Update to 73.0.3683.75. Fixes large bucket of CVEs.\n\nCVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757\nCVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762\nCVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767\nCVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772\nCVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777\nCVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5784\nCVE-2019-5786 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790\nCVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795\nCVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800\nCVE-2019-5802 CVE-2019-5803\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-26T00:00:00", "title": "Fedora 29 : chromium (2019-561eae4626)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5766", "CVE-2019-5769", "CVE-2019-5758", "CVE-2019-5761", "CVE-2019-5767", "CVE-2019-5777", "CVE-2019-5772", "CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5763", "CVE-2019-5771", "CVE-2019-5803", "CVE-2019-5776", "CVE-2019-5764", "CVE-2019-5755", "CVE-2019-5792", "CVE-2019-5762", "CVE-2019-5757", "CVE-2019-5768", "CVE-2019-5754", "CVE-2019-5782", "CVE-2019-5801", "CVE-2019-5779", "CVE-2019-5756", "CVE-2019-5793", "CVE-2019-5770", "CVE-2019-5778", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5786", "CVE-2019-5799", "CVE-2019-5775", "CVE-2019-5773", "CVE-2019-5796", "CVE-2019-5780", "CVE-2019-5791", "CVE-2019-5784", "CVE-2019-5765", "CVE-2019-5781", "CVE-2019-5759", "CVE-2019-5790", "CVE-2019-5760", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787", "CVE-2019-5774"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:29", "p-cpe:/a:fedoraproject:fedora:chromium"], "id": "FEDORA_2019-561EAE4626.NASL", "href": "https://www.tenable.com/plugins/nessus/123100", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-561eae4626.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123100);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-5754\", \"CVE-2019-5755\", \"CVE-2019-5756\", \"CVE-2019-5757\", \"CVE-2019-5758\", \"CVE-2019-5759\", \"CVE-2019-5760\", \"CVE-2019-5761\", \"CVE-2019-5762\", \"CVE-2019-5763\", \"CVE-2019-5764\", \"CVE-2019-5765\", \"CVE-2019-5766\", \"CVE-2019-5767\", \"CVE-2019-5768\", \"CVE-2019-5769\", \"CVE-2019-5770\", \"CVE-2019-5771\", \"CVE-2019-5772\", \"CVE-2019-5773\", \"CVE-2019-5774\", \"CVE-2019-5775\", \"CVE-2019-5776\", \"CVE-2019-5777\", \"CVE-2019-5778\", \"CVE-2019-5779\", \"CVE-2019-5780\", \"CVE-2019-5781\", \"CVE-2019-5782\", \"CVE-2019-5784\", \"CVE-2019-5786\", \"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_xref(name:\"FEDORA\", value:\"2019-561eae4626\");\n\n script_name(english:\"Fedora 29 : chromium (2019-561eae4626)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 73.0.3683.75. Fixes large bucket of CVEs.\n\nCVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757\nCVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762\nCVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767\nCVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772\nCVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777\nCVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5784\nCVE-2019-5786 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790\nCVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795\nCVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800\nCVE-2019-5802 CVE-2019-5803\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-561eae4626\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5789\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"chromium-73.0.3683.75-2.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-31T17:53:13", "description": "Update to 73.0.3683.75. Fixes large bucket of CVEs.\n\nCVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757\nCVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762\nCVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767\nCVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772\nCVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777\nCVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5784\nCVE-2019-5786 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790\nCVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795\nCVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800\nCVE-2019-5802 CVE-2019-5803\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 10, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-05-02T00:00:00", "title": "Fedora 30 : chromium (2019-05a780936d)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5766", "CVE-2019-5769", "CVE-2019-5758", "CVE-2019-5761", "CVE-2019-5767", "CVE-2019-5777", "CVE-2019-5772", "CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5763", "CVE-2019-5771", "CVE-2019-5803", "CVE-2019-5776", "CVE-2019-5764", "CVE-2019-5755", "CVE-2019-5792", "CVE-2019-5762", "CVE-2019-5757", "CVE-2019-5768", "CVE-2019-5754", "CVE-2019-5782", "CVE-2019-5801", "CVE-2019-5779", "CVE-2019-5756", "CVE-2019-5793", "CVE-2019-5770", "CVE-2019-5778", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5786", "CVE-2019-5799", "CVE-2019-5775", "CVE-2019-5773", "CVE-2019-5796", "CVE-2019-5780", "CVE-2019-5791", "CVE-2019-5784", "CVE-2019-5765", "CVE-2019-5781", "CVE-2019-5759", "CVE-2019-5790", "CVE-2019-5760", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787", "CVE-2019-5774"], "modified": "2019-05-02T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:30", "p-cpe:/a:fedoraproject:fedora:chromium"], "id": "FEDORA_2019-05A780936D.NASL", "href": "https://www.tenable.com/plugins/nessus/124466", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-05a780936d.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124466);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2019-5754\", \"CVE-2019-5755\", \"CVE-2019-5756\", \"CVE-2019-5757\", \"CVE-2019-5758\", \"CVE-2019-5759\", \"CVE-2019-5760\", \"CVE-2019-5761\", \"CVE-2019-5762\", \"CVE-2019-5763\", \"CVE-2019-5764\", \"CVE-2019-5765\", \"CVE-2019-5766\", \"CVE-2019-5767\", \"CVE-2019-5768\", \"CVE-2019-5769\", \"CVE-2019-5770\", \"CVE-2019-5771\", \"CVE-2019-5772\", \"CVE-2019-5773\", \"CVE-2019-5774\", \"CVE-2019-5775\", \"CVE-2019-5776\", \"CVE-2019-5777\", \"CVE-2019-5778\", \"CVE-2019-5779\", \"CVE-2019-5780\", \"CVE-2019-5781\", \"CVE-2019-5782\", \"CVE-2019-5784\", \"CVE-2019-5786\", \"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\");\n script_xref(name:\"FEDORA\", value:\"2019-05a780936d\");\n\n script_name(english:\"Fedora 30 : chromium (2019-05a780936d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to 73.0.3683.75. Fixes large bucket of CVEs.\n\nCVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757\nCVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762\nCVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767\nCVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772\nCVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777\nCVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5784\nCVE-2019-5786 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790\nCVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795\nCVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800\nCVE-2019-5802 CVE-2019-5803\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-05a780936d\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5789\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"chromium-73.0.3683.75-2.fc30\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-24T09:07:41", "description": "This update for chromium fixes the following issues :\n\nChromium was updated to 75.0.3770.90 (boo#1137332 boo#1138287) :\n\n - CVE-2019-5842: Use-after-free in Blink.\n\nAlso updated to 75.0.3770.80 boo#1137332 :\n\n - CVE-2019-5828: Use after free in ServiceWorker\n\n - CVE-2019-5829: Use after free in Download Manager\n\n - CVE-2019-5830: Incorrectly credentialed requests in CORS\n\n - CVE-2019-5831: Incorrect map processing in V8\n\n - CVE-2019-5832: Incorrect CORS handling in XHR\n\n - CVE-2019-5833: Inconsistent security UI placemen\n\n - CVE-2019-5835: Out of bounds read in Swiftshader\n\n - CVE-2019-5836: Heap buffer overflow in Angle\n\n - CVE-2019-5837: Cross-origin resources size disclosure in\n Appcache\n\n - CVE-2019-5838: Overly permissive tab access in\n Extensions\n\n - CVE-2019-5839: Incorrect handling of certain code points\n in Blink\n\n - CVE-2019-5840: Popup blocker bypass\n\n - Various fixes from internal audits, fuzzing and other\n initiatives\n\n - CVE-2019-5834: URL spoof in Omnibox on iOS\n\nUpdate to 74.0.3729.169 :\n\n - Feature fixes update only\n\nUpdate to 74.0.3729.157 :\n\n - Various security fixes from internal audits, fuzzing and\n other initiatives\n\nIncludes security fixes from 74.0.3729.131 (boo#1134218) :\n\n - CVE-2019-5827: Out-of-bounds access in SQLite\n\n - CVE-2019-5824: Parameter passing error in media player\n\nUpdate to 74.0.3729.108 boo#1133313 :\n\n - CVE-2019-5805: Use after free in PDFium\n\n - CVE-2019-5806: Integer overflow in Angle\n\n - CVE-2019-5807: Memory corruption in V8\n\n - CVE-2019-5808: Use after free in Blink\n\n - CVE-2019-5809: Use after free in Blink\n\n - CVE-2019-5810: User information disclosure in Autofill\n\n - CVE-2019-5811: CORS bypass in Blink\n\n - CVE-2019-5813: Out of bounds read in V8\n\n - CVE-2019-5814: CORS bypass in Blink\n\n - CVE-2019-5815: Heap buffer overflow in Blink\n\n - CVE-2019-5818: Uninitialized value in media reader\n\n - CVE-2019-5819: Incorrect escaping in developer tools\n\n - CVE-2019-5820: Integer overflow in PDFium\n\n - CVE-2019-5821: Integer overflow in PDFium\n\n - CVE-2019-5822: CORS bypass in download manager\n\n - CVE-2019-5823: Forced navigation from service worker\n\n - CVE-2019-5812: URL spoof in Omnibox on iOS\n\n - CVE-2019-5816: Exploit persistence extension on Android\n\n - CVE-2019-5817: Heap buffer overflow in Angle on Windows\n\nUpdate to 73.0.3686.103 :\n\n - Various feature fixes\n\nUpdate to 73.0.3683.86 :\n\n - Just feature fixes around\n\n - Update conditions to use system harfbuzz on TW+\n\n - Require java during build\n\n - Enable using pipewire when available\n\n - Rebase chromium-vaapi.patch to match up the Fedora one\n\nUpdate to 73.0.3683.75 boo#1129059 :\n\n - CVE-2019-5787: Use after free in Canvas.\n\n - CVE-2019-5788: Use after free in FileAPI.\n\n - CVE-2019-5789: Use after free in WebMIDI.\n\n - CVE-2019-5790: Heap buffer overflow in V8.\n\n - CVE-2019-5791: Type confusion in V8.\n\n - CVE-2019-5792: Integer overflow in PDFium.\n\n - CVE-2019-5793: Excessive permissions for private API in\n Extensions.\n\n - CVE-2019-5794: Security UI spoofing.\n\n - CVE-2019-5795: Integer overflow in PDFium.\n\n - CVE-2019-5796: Race condition in Extensions.\n\n - CVE-2019-5797: Race condition in DOMStorage.\n\n - CVE-2019-5798: Out of bounds read in Skia.\n\n - CVE-2019-5799: CSP bypass with blob URL.\n\n - CVE-2019-5800: CSP bypass with blob URL.\n\n - CVE-2019-5801: Incorrect Omnibox display on iOS.\n\n - CVE-2019-5802: Security UI spoofing.\n\n - CVE-2019-5803: CSP bypass with JavaScript URLs'.\n\n - CVE-2019-5804: Command line command injection on\n Windows.", "edition": 11, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-07-01T00:00:00", "title": "openSUSE Security Update : chromium (openSUSE-2019-1666)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-5836", "CVE-2019-5834", "CVE-2019-5831", "CVE-2019-5816", "CVE-2019-5808", "CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5805", "CVE-2019-5822", "CVE-2019-5833", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5813", "CVE-2019-5829", "CVE-2019-5810", "CVE-2019-5819", "CVE-2019-5837", "CVE-2019-5812", "CVE-2019-5832", "CVE-2019-5824", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5818", "CVE-2019-5804", "CVE-2019-5809", "CVE-2019-5797", "CVE-2019-5820", "CVE-2019-5798", "CVE-2019-5807", "CVE-2019-5842", "CVE-2019-5795", "CVE-2019-5821", "CVE-2019-5839", "CVE-2019-5835", "CVE-2019-5799", "CVE-2019-5838", "CVE-2019-5815", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5840", "CVE-2019-5811", "CVE-2019-5828", "CVE-2019-5817", "CVE-2019-5790", "CVE-2019-5806", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5830", "CVE-2019-5827", "CVE-2019-5788", "CVE-2019-5814", "CVE-2019-5823", "CVE-2019-5787"], "modified": "2019-07-01T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debugsource", "p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium-debuginfo"], "id": "OPENSUSE-2019-1666.NASL", "href": "https://www.tenable.com/plugins/nessus/126368", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1666.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126368);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2019-5787\", \"CVE-2019-5788\", \"CVE-2019-5789\", \"CVE-2019-5790\", \"CVE-2019-5791\", \"CVE-2019-5792\", \"CVE-2019-5793\", \"CVE-2019-5794\", \"CVE-2019-5795\", \"CVE-2019-5796\", \"CVE-2019-5797\", \"CVE-2019-5798\", \"CVE-2019-5799\", \"CVE-2019-5800\", \"CVE-2019-5801\", \"CVE-2019-5802\", \"CVE-2019-5803\", \"CVE-2019-5804\", \"CVE-2019-5805\", \"CVE-2019-5806\", \"CVE-2019-5807\", \"CVE-2019-5808\", \"CVE-2019-5809\", \"CVE-2019-5810\", \"CVE-2019-5811\", \"CVE-2019-5812\", \"CVE-2019-5813\", \"CVE-2019-5814\", \"CVE-2019-5815\", \"CVE-2019-5816\", \"CVE-2019-5817\", \"CVE-2019-5818\", \"CVE-2019-5819\", \"CVE-2019-5820\", \"CVE-2019-5821\", \"CVE-2019-5822\", \"CVE-2019-5823\", \"CVE-2019-5824\", \"CVE-2019-5827\", \"CVE-2019-5828\", \"CVE-2019-5829\", \"CVE-2019-5830\", \"CVE-2019-5831\", \"CVE-2019-5832\", \"CVE-2019-5833\", \"CVE-2019-5834\", \"CVE-2019-5835\", \"CVE-2019-5836\", \"CVE-2019-5837\", \"CVE-2019-5838\", \"CVE-2019-5839\", \"CVE-2019-5840\", \"CVE-2019-5842\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2019-1666)\");\n script_summary(english:\"Check for the openSUSE-2019-1666 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for chromium fixes the following issues :\n\nChromium was updated to 75.0.3770.90 (boo#1137332 boo#1138287) :\n\n - CVE-2019-5842: Use-after-free in Blink.\n\nAlso updated to 75.0.3770.80 boo#1137332 :\n\n - CVE-2019-5828: Use after free in ServiceWorker\n\n - CVE-2019-5829: Use after free in Download Manager\n\n - CVE-2019-5830: Incorrectly credentialed requests in CORS\n\n - CVE-2019-5831: Incorrect map processing in V8\n\n - CVE-2019-5832: Incorrect CORS handling in XHR\n\n - CVE-2019-5833: Inconsistent security UI placemen\n\n - CVE-2019-5835: Out of bounds read in Swiftshader\n\n - CVE-2019-5836: Heap buffer overflow in Angle\n\n - CVE-2019-5837: Cross-origin resources size disclosure in\n Appcache\n\n - CVE-2019-5838: Overly permissive tab access in\n Extensions\n\n - CVE-2019-5839: Incorrect handling of certain code points\n in Blink\n\n - CVE-2019-5840: Popup blocker bypass\n\n - Various fixes from internal audits, fuzzing and other\n initiatives\n\n - CVE-2019-5834: URL spoof in Omnibox on iOS\n\nUpdate to 74.0.3729.169 :\n\n - Feature fixes update only\n\nUpdate to 74.0.3729.157 :\n\n - Various security fixes from internal audits, fuzzing and\n other initiatives\n\nIncludes security fixes from 74.0.3729.131 (boo#1134218) :\n\n - CVE-2019-5827: Out-of-bounds access in SQLite\n\n - CVE-2019-5824: Parameter passing error in media player\n\nUpdate to 74.0.3729.108 boo#1133313 :\n\n - CVE-2019-5805: Use after free in PDFium\n\n - CVE-2019-5806: Integer overflow in Angle\n\n - CVE-2019-5807: Memory corruption in V8\n\n - CVE-2019-5808: Use after free in Blink\n\n - CVE-2019-5809: Use after free in Blink\n\n - CVE-2019-5810: User information disclosure in Autofill\n\n - CVE-2019-5811: CORS bypass in Blink\n\n - CVE-2019-5813: Out of bounds read in V8\n\n - CVE-2019-5814: CORS bypass in Blink\n\n - CVE-2019-5815: Heap buffer overflow in Blink\n\n - CVE-2019-5818: Uninitialized value in media reader\n\n - CVE-2019-5819: Incorrect escaping in developer tools\n\n - CVE-2019-5820: Integer overflow in PDFium\n\n - CVE-2019-5821: Integer overflow in PDFium\n\n - CVE-2019-5822: CORS bypass in download manager\n\n - CVE-2019-5823: Forced navigation from service worker\n\n - CVE-2019-5812: URL spoof in Omnibox on iOS\n\n - CVE-2019-5816: Exploit persistence extension on Android\n\n - CVE-2019-5817: Heap buffer overflow in Angle on Windows\n\nUpdate to 73.0.3686.103 :\n\n - Various feature fixes\n\nUpdate to 73.0.3683.86 :\n\n - Just feature fixes around\n\n - Update conditions to use system harfbuzz on TW+\n\n - Require java during build\n\n - Enable using pipewire when available\n\n - Rebase chromium-vaapi.patch to match up the Fedora one\n\nUpdate to 73.0.3683.75 boo#1129059 :\n\n - CVE-2019-5787: Use after free in Canvas.\n\n - CVE-2019-5788: Use after free in FileAPI.\n\n - CVE-2019-5789: Use after free in WebMIDI.\n\n - CVE-2019-5790: Heap buffer overflow in V8.\n\n - CVE-2019-5791: Type confusion in V8.\n\n - CVE-2019-5792: Integer overflow in PDFium.\n\n - CVE-2019-5793: Excessive permissions for private API in\n Extensions.\n\n - CVE-2019-5794: Security UI spoofing.\n\n - CVE-2019-5795: Integer overflow in PDFium.\n\n - CVE-2019-5796: Race condition in Extensions.\n\n - CVE-2019-5797: Race condition in DOMStorage.\n\n - CVE-2019-5798: Out of bounds read in Skia.\n\n - CVE-2019-5799: CSP bypass with blob URL.\n\n - CVE-2019-5800: CSP bypass with blob URL.\n\n - CVE-2019-5801: Incorrect Omnibox display on iOS.\n\n - CVE-2019-5802: Security UI spoofing.\n\n - CVE-2019-5803: CSP bypass with JavaScript URLs'.\n\n - CVE-2019-5804: Command line command injection on\n Windows.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1129059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1133313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1134218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1138287\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromedriver-75.0.3770.90-lp151.2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromedriver-debuginfo-75.0.3770.90-lp151.2.9.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromium-75.0.3770.90-lp151.2.9.3\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromium-debuginfo-75.0.3770.90-lp151.2.9.3\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromium-debugsource-75.0.3770.90-lp151.2.9.3\", allowmaj:TRUE) ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-08-12T00:56:30", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4421-1 security@debian.org\nhttps://www.debian.org/security/ Michael Gilbert\nMarch 31, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790\n CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794\n CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798\n CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803\n\nSeveral vulnerabilities have been discovered in the chromium web browser.\n\nCVE-2019-5787\n\n Zhe Jin discovered a use-after-free issue.\n\nCVE-2019-5788\n\n Mark Brand discovered a use-after-free issue in the in the FileAPI\n implementation.\n\nCVE-2019-5789\n\n Mark Brand discovered a use-after-free issue in the in the WebMIDI\n implementation.\n\nCVE-2019-5790\n\n Dimitri Fourny discovered a buffer overflow issue in the v8 javascript\n library.\n\nCVE-2019-5791\n\n Choongwoo Han discovered a type confusion issue in the v8 javascript\n library.\n\nCVE-2019-5792\n\n pdknsk discovered an integer overflow issue in the pdfium library.\n\nCVE-2019-5793\n\n Jun Kokatsu discovered a permissions issue in the Extensions\n implementation.\n\nCVE-2019-5794\n\n Juno Im of Theori discovered a user interface spoofing issue.\n\nCVE-2019-5795\n\n pdknsk discovered an integer overflow issue in the pdfium library.\n\nCVE-2019-5796\n\n Mark Brand discovered a race condition in the Extensions implementation.\n\nCVE-2019-5797\n\n Mark Brand discovered a race condition in the DOMStorage implementation.\n\nCVE-2019-5798\n\n Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.\n\nCVE-2019-5799\n\n sohalt discovered a way to bypass the Content Security Policy.\n\nCVE-2019-5800\n\n Jun Kokatsu discovered a way to bypass the Content Security Policy.\n\nCVE-2019-5802\n\n Ronni Skansing discovered a user interface spoofing issue.\n\nCVE-2019-5803\n\n Andrew Comminos discovered a way to bypass the Content Security Policy.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 73.0.3683.75-1~deb9u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2019-03-31T19:35:26", "published": "2019-03-31T19:35:26", "id": "DEBIAN:DSA-4421-1:57AB0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00065.html", "title": "[SECURITY] [DSA 4421-1] chromium security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:40", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5787", "CVE-2019-5788", "CVE-2019-5789", "CVE-2019-5790", "CVE-2019-5791", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5794", "CVE-2019-5795", "CVE-2019-5796", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5799", "CVE-2019-5800", "CVE-2019-5802", "CVE-2019-5803"], "description": "Arch Linux Security Advisory ASA-201903-8\n=========================================\n\nSeverity: High\nDate : 2019-03-13\nCVE-ID : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790\nCVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794\nCVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798\nCVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803\nPackage : chromium\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-923\n\nSummary\n=======\n\nThe package chromium before version 73.0.3683.75-1 is vulnerable to\nmultiple issues including arbitrary code execution, access restriction\nbypass, content spoofing and information disclosure.\n\nResolution\n==========\n\nUpgrade to 73.0.3683.75-1.\n\n# pacman -Syu \"chromium>=73.0.3683.75-1\"\n\nThe problems have been fixed upstream in version 73.0.3683.75.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-5787 (arbitrary code execution)\n\nA use-after-free issue has been found in the Canvas component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5788 (arbitrary code execution)\n\nA use-after-free issue has been found in the FileAPI component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5789 (arbitrary code execution)\n\nA use-after-free issue has been found in the WebMIDI component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5790 (arbitrary code execution)\n\nA heap-based buffer overflow has been found in the V8 component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5791 (arbitrary code execution)\n\nA type confusion issue has been found in the V8 component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5792 (arbitrary code execution)\n\nAn integer overflow issue has been found in the PDFium component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5793 (access restriction bypass)\n\nAn excessive permissions for private API issue has been found in the\nExtensions component of the chromium browser before 73.0.3683.75.\n\n- CVE-2019-5794 (content spoofing)\n\nA UI spoofing issue has been found in the chromium browser before\n73.0.3683.75.\n\n- CVE-2019-5795 (arbitrary code execution)\n\nAn integer overflow issue has been found in the PDFium component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5796 (arbitrary code execution)\n\nA race condition has been found in the Extensions component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5797 (arbitrary code execution)\n\nA race condition has been found in the DOMStorage component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5798 (information disclosure)\n\nAn out-of-bounds read has been found in the Skia component of the\nchromium browser before 73.0.3683.75.\n\n- CVE-2019-5799 (access restriction bypass)\n\nA CSP bypass issue with blob URLs has been found in the chromium\nbrowser before 73.0.3683.75.\n\n- CVE-2019-5800 (access restriction bypass)\n\nA CSP bypass issue with blob URLs has been found in the chromium\nbrowser before 73.0.3683.75.\n\n- CVE-2019-5802 (content spoofing)\n\nA UI spoofing issue has been found in the chromium browser before\n73.0.3683.75.\n\n- CVE-2019-5803 (access restriction bypass)\n\nA CSP bypass issue with Javascript URLs has been found in the chromium\nbrowser before 73.0.3683.75.\n\nImpact\n======\n\nA remote attacker can access sensitive information, bypass security\nrestrictions and execute arbitrary code via crafted web content.\n\nReferences\n==========\n\nhttps://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=913964\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=925864\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=921581\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=914736\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=926651\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=914983\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=937487\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=935175\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=919643\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=918861\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=916523\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=883596\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=905301\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=894228\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=632514\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=909865\nhttps://security.archlinux.org/CVE-2019-5787\nhttps://security.archlinux.org/CVE-2019-5788\nhttps://security.archlinux.org/CVE-2019-5789\nhttps://security.archlinux.org/CVE-2019-5790\nhttps://security.archlinux.org/CVE-2019-5791\nhttps://security.archlinux.org/CVE-2019-5792\nhttps://security.archlinux.org/CVE-2019-5793\nhttps://security.archlinux.org/CVE-2019-5794\nhttps://security.archlinux.org/CVE-2019-5795\nhttps://security.archlinux.org/CVE-2019-5796\nhttps://security.archlinux.org/CVE-2019-5797\nhttps://security.archlinux.org/CVE-2019-5798\nhttps://security.archlinux.org/CVE-2019-5799\nhttps://security.archlinux.org/CVE-2019-5800\nhttps://security.archlinux.org/CVE-2019-5802\nhttps://security.archlinux.org/CVE-2019-5803", "modified": "2019-03-13T00:00:00", "published": "2019-03-13T00:00:00", "id": "ASA-201903-8", "href": "https://security.archlinux.org/ASA-201903-8", "type": "archlinux", "title": "[ASA-201903-8] chromium: multiple issues", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:50", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5787", "CVE-2019-5788", "CVE-2019-5789", "CVE-2019-5790", "CVE-2019-5791", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5794", "CVE-2019-5795", "CVE-2019-5796", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5799", "CVE-2019-5800", "CVE-2019-5802", "CVE-2019-5803"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 73.0.3683.75.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in Canvas (CVE-2019-5787)\n\n* chromium-browser: Use after free in FileAPI (CVE-2019-5788)\n\n* chromium-browser: Use after free in WebMIDI (CVE-2019-5789)\n\n* chromium-browser: Heap buffer overflow in V8 (CVE-2019-5790)\n\n* chromium-browser: Type confusion in V8 (CVE-2019-5791)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-5792)\n\n* chromium-browser: Excessive permissions for private API in Extensions (CVE-2019-5793)\n\n* chromium-browser: Security UI spoofing (CVE-2019-5794)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-5795)\n\n* chromium-browser: Race condition in Extensions (CVE-2019-5796)\n\n* chromium-browser: Race condition in DOMStorage (CVE-2019-5797)\n\n* chromium-browser: Out of bounds read in Skia (CVE-2019-5798)\n\n* chromium-browser: CSP bypass with blob URL (CVE-2019-5799)\n\n* chromium-browser: CSP bypass with blob URL (CVE-2019-5800)\n\n* chromium-browser: Security UI spoofing (CVE-2019-5802)\n\n* chromium-browser: CSP bypass with Javascript URLs (CVE-2019-5803)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-04-08T11:45:13", "published": "2019-04-08T11:40:56", "id": "RHSA-2019:0708", "href": "https://access.redhat.com/errata/RHSA-2019:0708", "type": "redhat", "title": "(RHSA-2019:0708) Important: chromium-browser security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2019-03-28T21:15:15", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "This update for chromium to version 73.0.3683.75 fixes the following\n issues:\n\n Security issues fixed (bsc#1129059):\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n - CVE-2019-5791: Fixed a type confusion in V8.\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n - CVE-2019-5793: Fixed excessive permissions for private API in Extensions.\n - CVE-2019-5794: Fixed security UI spoofing.\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n - CVE-2019-5796: Fixed a race condition in Extensions.\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n - CVE-2019-5801: Fixed an incorrect Omnibox display on iOS.\n - CVE-2019-5802: Fixed security UI spoofing.\n - CVE-2019-5803: Fixed a CSP bypass with Javascript URLs'.\n - CVE-2019-5804: Fixed a command line injection on Windows.\n\n Release notes:\n <a rel=\"nofollow\" href=\"https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-des\">https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-des</a>\n ktop_12.html\n\n", "edition": 1, "modified": "2019-03-28T18:13:06", "published": "2019-03-28T18:13:06", "id": "OPENSUSE-SU-2019:1062-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00038.html", "title": "Security update for chromium (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-03-17T18:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "This update for chromium to version 73.0.3683.75 fixes the following\n issues:\n\n Security issues fixed (bsc#1129059):\n\n - CVE-2019-5787: Fixed a use after free in Canvas.\n - CVE-2019-5788: Fixed a use after free in FileAPI.\n - CVE-2019-5789: Fixed a use after free in WebMIDI.\n - CVE-2019-5790: Fixed a heap buffer overflow in V8.\n - CVE-2019-5791: Fixed a type confusion in V8.\n - CVE-2019-5792: Fixed an integer overflow in PDFium.\n - CVE-2019-5793: Fixed excessive permissions for private API in Extensions.\n - CVE-2019-5794: Fixed security UI spoofing.\n - CVE-2019-5795: Fixed an integer overflow in PDFium.\n - CVE-2019-5796: Fixed a race condition in Extensions.\n - CVE-2019-5797: Fixed a race condition in DOMStorage.\n - CVE-2019-5798: Fixed an out of bounds read in Skia.\n - CVE-2019-5799: Fixed a CSP bypass with blob URL.\n - CVE-2019-5800: Fixed a CSP bypass with blob URL.\n - CVE-2019-5801: Fixed an incorrect Omnibox display on iOS.\n - CVE-2019-5802: Fixed security UI spoofing.\n - CVE-2019-5803: Fixed a CSP bypass with Javascript URLs'.\n - CVE-2019-5804: Fixed a command line injection on Windows.\n\n Release notes:\n <a rel=\"nofollow\" href=\"https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-des\">https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-des</a>\n ktop_12.html\n\n", "edition": 1, "modified": "2019-03-17T15:10:02", "published": "2019-03-17T15:10:02", "id": "OPENSUSE-SU-2019:0343-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00025.html", "title": "Security update for chromium (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-07-02T10:41:51", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5836", "CVE-2019-5834", "CVE-2019-5831", "CVE-2019-5816", "CVE-2019-5808", "CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5805", "CVE-2019-5822", "CVE-2019-5833", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5813", "CVE-2019-5829", "CVE-2019-5810", "CVE-2019-5819", "CVE-2019-5837", "CVE-2019-5812", "CVE-2019-5832", "CVE-2019-5824", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5818", "CVE-2019-5804", "CVE-2019-5809", "CVE-2019-5797", "CVE-2019-5820", "CVE-2019-5798", "CVE-2019-5807", "CVE-2019-5842", "CVE-2019-5795", "CVE-2019-5821", "CVE-2019-5839", "CVE-2019-5835", "CVE-2019-5799", "CVE-2019-5838", "CVE-2019-5815", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5840", "CVE-2019-5811", "CVE-2019-5828", "CVE-2019-5817", "CVE-2019-5790", "CVE-2019-5806", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5830", "CVE-2019-5827", "CVE-2019-5788", "CVE-2019-5814", "CVE-2019-5823", "CVE-2019-5787"], "description": "This update for chromium fixes the following issues:\n\n Chromium was updated to 75.0.3770.90 (boo#1137332 boo#1138287):\n\n * CVE-2019-5842: Use-after-free in Blink.\n\n\n Also updated to 75.0.3770.80 boo#1137332:\n\n * CVE-2019-5828: Use after free in ServiceWorker\n * CVE-2019-5829: Use after free in Download Manager\n * CVE-2019-5830: Incorrectly credentialed requests in CORS\n * CVE-2019-5831: Incorrect map processing in V8\n * CVE-2019-5832: Incorrect CORS handling in XHR\n * CVE-2019-5833: Inconsistent security UI placemen\n * CVE-2019-5835: Out of bounds read in Swiftshader\n * CVE-2019-5836: Heap buffer overflow in Angle\n * CVE-2019-5837: Cross-origin resources size disclosure in Appcache\n * CVE-2019-5838: Overly permissive tab access in Extensions\n * CVE-2019-5839: Incorrect handling of certain code points in Blink\n * CVE-2019-5840: Popup blocker bypass\n * Various fixes from internal audits, fuzzing and other initiatives\n * CVE-2019-5834: URL spoof in Omnibox on iOS\n\n Update to 74.0.3729.169:\n\n * Feature fixes update only\n\n Update to 74.0.3729.157:\n\n * Various security fixes from internal audits, fuzzing and other\n initiatives\n\n Includes security fixes from 74.0.3729.131 (boo#1134218):\n\n * CVE-2019-5827: Out-of-bounds access in SQLite\n * CVE-2019-5824: Parameter passing error in media player\n\n Update to 74.0.3729.108 boo#1133313:\n\n * CVE-2019-5805: Use after free in PDFium\n * CVE-2019-5806: Integer overflow in Angle\n * CVE-2019-5807: Memory corruption in V8\n * CVE-2019-5808: Use after free in Blink\n * CVE-2019-5809: Use after free in Blink\n * CVE-2019-5810: User information disclosure in Autofill\n * CVE-2019-5811: CORS bypass in Blink\n * CVE-2019-5813: Out of bounds read in V8\n * CVE-2019-5814: CORS bypass in Blink\n * CVE-2019-5815: Heap buffer overflow in Blink\n * CVE-2019-5818: Uninitialized value in media reader\n * CVE-2019-5819: Incorrect escaping in developer tools\n * CVE-2019-5820: Integer overflow in PDFium\n * CVE-2019-5821: Integer overflow in PDFium\n * CVE-2019-5822: CORS bypass in download manager\n * CVE-2019-5823: Forced navigation from service worker\n * CVE-2019-5812: URL spoof in Omnibox on iOS\n * CVE-2019-5816: Exploit persistence extension on Android\n * CVE-2019-5817: Heap buffer overflow in Angle on Windows\n\n Update to 73.0.3686.103:\n * Various feature fixes\n\n Update to 73.0.3683.86:\n\n * Just feature fixes around\n\n - Update conditions to use system harfbuzz on TW+\n - Require java during build\n - Enable using pipewire when available\n - Rebase chromium-vaapi.patch to match up the Fedora one\n\n Update to 73.0.3683.75 boo#1129059:\n\n * CVE-2019-5787: Use after free in Canvas.\n * CVE-2019-5788: Use after free in FileAPI.\n * CVE-2019-5789: Use after free in WebMIDI.\n * CVE-2019-5790: Heap buffer overflow in V8.\n * CVE-2019-5791: Type confusion in V8.\n * CVE-2019-5792: Integer overflow in PDFium.\n * CVE-2019-5793: Excessive permissions for private API in Extensions.\n * CVE-2019-5794: Security UI spoofing.\n * CVE-2019-5795: Integer overflow in PDFium.\n * CVE-2019-5796: Race condition in Extensions.\n * CVE-2019-5797: Race condition in DOMStorage.\n * CVE-2019-5798: Out of bounds read in Skia.\n * CVE-2019-5799: CSP bypass with blob URL.\n * CVE-2019-5800: CSP bypass with blob URL.\n * CVE-2019-5801: Incorrect Omnibox display on iOS.\n * CVE-2019-5802: Security UI spoofing.\n * CVE-2019-5803: CSP bypass with Javascript URLs'.\n * CVE-2019-5804: Command line command injection on Windows.\n\n", "edition": 1, "modified": "2019-06-28T18:12:28", "published": "2019-06-28T18:12:28", "id": "OPENSUSE-SU-2019:1666-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00086.html", "title": "Security update for chromium (important)", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:45:14", "bulletinFamily": "info", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5786", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2019-5788", "CVE-2019-5787"], "description": "### *Detect date*:\n03/12/2019\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions or spoof user interface.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nGoogle Chrome earlier than 73.0.3683.75\n\n### *Solution*:\nUpdate to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk. \n[Google Chrome download page](<https://www.google.com/chrome/browser/desktop/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2019-5786](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786>)0.0Unknown \n[CVE-2019-5802](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5802>)0.0Unknown \n[CVE-2019-5791](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5791>)0.0Unknown \n[CVE-2019-5801](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5801>)0.0Unknown \n[CVE-2019-5798](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798>)0.0Unknown \n[CVE-2019-5787](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5787>)0.0Unknown \n[CVE-2019-5792](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5792>)0.0Unknown \n[CVE-2019-5793](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5793>)0.0Unknown \n[CVE-2019-5800](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5800>)0.0Unknown \n[CVE-2019-5804](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5804>)0.0Unknown \n[CVE-2019-5803](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5803>)0.0Unknown \n[CVE-2019-5788](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5788>)0.0Unknown \n[CVE-2019-5790](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5790>)0.0Unknown \n[CVE-2019-5799](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5799>)0.0Unknown \n[CVE-2019-5789](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5789>)0.0Unknown \n[CVE-2019-5794](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5794>)0.0Unknown \n[CVE-2019-5796](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5796>)0.0Unknown \n[CVE-2019-5795](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5795>)0.0Unknown \n[CVE-2019-5797](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5797>)0.0Unknown", "edition": 1, "modified": "2020-06-18T00:00:00", "published": "2019-03-12T00:00:00", "id": "KLA11436", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11436", "title": "\r KLA11436Multiple vulnerabilities in Google Chrome ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2019-03-28T06:33:59", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5802", "CVE-2019-5789", "CVE-2019-5803", "CVE-2019-5792", "CVE-2019-5801", "CVE-2019-5793", "CVE-2019-5804", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5795", "CVE-2019-5786", "CVE-2019-5799", "CVE-2019-5796", "CVE-2019-5791", "CVE-2019-5790", "CVE-2019-5794", "CVE-2019-5800", "CVE-2018-17479", "CVE-2019-5788", "CVE-2019-5787"], "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrome Releases for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers and Google Chrome Releases for details. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-73.0.3683.75\"", "edition": 1, "modified": "2019-03-28T00:00:00", "published": "2019-03-28T00:00:00", "id": "GLSA-201903-23", "href": "https://security.gentoo.org/glsa/201903-23", "title": "Chromium: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 0.0, "vector": "NONE"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5754", "CVE-2019-5755", "CVE-2019-5756", "CVE-2019-5757", "CVE-2019-5758", "CVE-2019-5759", "CVE-2019-5760", "CVE-2019-5761", "CVE-2019-5762", "CVE-2019-5763", "CVE-2019-5764", "CVE-2019-5765", "CVE-2019-5766", "CVE-2019-5767", "CVE-2019-5768", "CVE-2019-5769", "CVE-2019-5770", "CVE-2019-5771", "CVE-2019-5772", "CVE-2019-5773", "CVE-2019-5774", "CVE-2019-5775", "CVE-2019-5776", "CVE-2019-5777", "CVE-2019-5778", "CVE-2019-5779", "CVE-2019-5780", "CVE-2019-5781", "CVE-2019-5782", "CVE-2019-5784", "CVE-2019-5786", "CVE-2019-5787", "CVE-2019-5788", "CVE-2019-5789", "CVE-2019-5790", "CVE-2019-5791", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5794", "CVE-2019-5795", "CVE-2019-5796", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5799", "CVE-2019-5800", "CVE-2019-5801", "CVE-2019-5802", "CVE-2019-5803", "CVE-2019-5804"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "modified": "2019-03-29T19:41:48", "published": "2019-03-29T19:41:48", "id": "FEDORA:3240460C5991", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: chromium-73.0.3683.75-2.fc30", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-5754", "CVE-2019-5755", "CVE-2019-5756", "CVE-2019-5757", "CVE-2019-5758", "CVE-2019-5759", "CVE-2019-5760", "CVE-2019-5761", "CVE-2019-5762", "CVE-2019-5763", "CVE-2019-5764", "CVE-2019-5765", "CVE-2019-5766", "CVE-2019-5767", "CVE-2019-5768", "CVE-2019-5769", "CVE-2019-5770", "CVE-2019-5771", "CVE-2019-5772", "CVE-2019-5773", "CVE-2019-5774", "CVE-2019-5775", "CVE-2019-5776", "CVE-2019-5777", "CVE-2019-5778", "CVE-2019-5779", "CVE-2019-5780", "CVE-2019-5781", "CVE-2019-5782", "CVE-2019-5784", "CVE-2019-5786", "CVE-2019-5787", "CVE-2019-5788", "CVE-2019-5789", "CVE-2019-5790", "CVE-2019-5791", "CVE-2019-5792", "CVE-2019-5793", "CVE-2019-5794", "CVE-2019-5795", "CVE-2019-5796", "CVE-2019-5797", "CVE-2019-5798", "CVE-2019-5799", "CVE-2019-5800", "CVE-2019-5801", "CVE-2019-5802", "CVE-2019-5803", "CVE-2019-5804"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "modified": "2019-03-25T06:10:55", "published": "2019-03-25T06:10:55", "id": "FEDORA:906EB6076D01", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: chromium-73.0.3683.75-2.fc29", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}
