Design/Logic Flaw

Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

CVE-2019-5862

Chromium/Google Chrome: CVE-2019-5862 is an AppCache validation flaw in Chromium before 76.0.3809.87 (renderer-compromised bypass). The issue allows a remote attacker to bypass site isolation via a crafted HTML page. Affected component: AppCache in Chromium; root cause: insufficient data validati...

CVE-2019-5862

Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

CVE-2018-17462

Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page...

The vulnerability of the AppCache component in the Google Chrome web browser allows a hacker to circumvent existing security restrictions.

The vulnerability of the AppCache component in the Google Chrome web browser is related to security configuration errors. Exploiting this vulnerability allows a remote attacker to circumvent existing security restrictions by using compromised render processes...

openSUSE Security Update : chromium (openSUSE-2019-1848)

This update for chromium to version 76.0.3809.87 fixes the following issues : - CVE-2019-5850: Use-after-free in offline page fetcher boo1143492 - CVE-2019-5860: Use-after-free in PDFium boo1143492 - CVE-2019-5853: Memory corruption in regexp length check boo1143492 - CVE-2019-5851:...

OPENSUSE-SU-2019:1849-1 Security update for chromium

This update for chromium to version 76.0.3809.87 fixes the following issues: - CVE-2019-5850: Use-after-free in offline page fetcher boo1143492 - CVE-2019-5860: Use-after-free in PDFium boo1143492 - CVE-2019-5853: Memory corruption in regexp length check boo1143492 - CVE-2019-5851: Use-after-pois...

OPENSUSE-SU-2019:1848-1 Security update for chromium

This update for chromium to version 76.0.3809.87 fixes the following issues: - CVE-2019-5850: Use-after-free in offline page fetcher boo1143492 - CVE-2019-5860: Use-after-free in PDFium boo1143492 - CVE-2019-5853: Memory corruption in regexp length check boo1143492 - CVE-2019-5851: Use-after-pois...

chromium-browser: AppCache not robust to compromised renderers

Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

chromium-browser: Cross-origin resources size disclosure in Appcache

Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

openSUSE Security Update : chromium (openSUSE-2019-1558)

This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed : - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS -...

openSUSE Security Update : chromium (openSUSE-2019-1557)

This update for chromium to version 75.0.3770.80 fixes the following issues : Security issues fixed : - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS -...

openSUSE Security Update : chromium (openSUSE-2019-1559)

This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed : - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS -...

OPENSUSE-SU-2019:1558-1 Security update for chromium

This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed: - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS - CVE-2019-583...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1557-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1558-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1559-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...

Google Chrome Sensitive Information Disclosure Vulnerability (CNVD-2019-17516)

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Appcache in Google Chrome versions prior to 75.0.3770.80. An attacker can exploit the vulnerability to obtain sensitive information...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 75 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 75.0.3770.80 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

Arbitrary Code Execution

Firefox is vulnerable to arbitrary code execution attacks. A remote user could invoke AppCache to hijack a URL in a domain using fallback files inside the manifest directory by serving the files from a sub-path on the domain which cause application to a crash resulting in a denial of service...