AVG-952 log

Package chromium
Status Fixed
Severity Critical
Type multiple issues
Affected 73.0.3683.103-2
Fixed 74.0.3729.108-1
Current 78.0.3904.108-1 [extra]
Ticket None
Created Wed Apr 24 12:45:27 2019
Issue Severity Remote Type Description
CVE-2019-5823 Low Yes Access restriction bypass
A forced navigation from service worker vulnerability has been found in the chromium browser before 74.0.3729.108.
CVE-2019-5822 Low Yes Access restriction bypass
A CORS bypass vulnerability has been found in the download manager component of the chromium browser before 74.0.3729.108.
CVE-2019-5821 Medium Yes Arbitrary code execution
An integer overflow vulnerability has been found in the PDFium component of the chromium browser before 74.0.3729.108.
CVE-2019-5820 Medium Yes Arbitrary code execution
An integer overflow vulnerability has been found in the PDFium component of the chromium browser before 74.0.3729.108.
CVE-2019-5819 Medium Yes Insufficient validation
An incorrect escaping vulnerability has been found in the developer tools component of the chromium browser before 74.0.3729.108.
CVE-2019-5818 Medium Yes Information disclosure
An uninitialized value vulnerability has been found in the media reader component of the chromium browser before 74.0.3729.108.
CVE-2019-5815 Medium Yes Arbitrary code execution
A heap-based buffer overflow vulnerability has been found in the Blink component of the chromium browser before 74.0.3729.108.
CVE-2019-5814 Medium Yes Access restriction bypass
A CORS bypass vulnerability has been found in the Blink component of the chromium browser before 74.0.3729.108.
CVE-2019-5813 Medium Yes Information disclosure
An out-of-bounds read vulnerability has been found in the V8 component of the chromium browser before 74.0.3729.108.
CVE-2019-5811 Medium Yes Access restriction bypass
A CORS bypass vulnerability has been found in the Blink component of the chromium browser before 74.0.3729.108.
CVE-2019-5810 Medium Yes Information disclosure
A user information disclosure vulnerability has been found in the Autofill component of the chromium browser before 74.0.3729.108.
CVE-2019-5809 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in the Blink component of the chromium browser before 74.0.3729.108.
CVE-2019-5808 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in the Blink component of the chromium browser before 74.0.3729.108.
CVE-2019-5807 Critical Yes Arbitrary code execution
A memory corruption vulnerability has been found in the V8 component of the chromium browser before 74.0.3729.108.
CVE-2019-5806 Critical Yes Arbitrary code execution
An integer overflow vulnerability has been found in the Andle component of the chromium browser before 74.0.3729.108.
CVE-2019-5805 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in the PDFium component of the chromium browser before 74.0.3729.108.
Date Advisory Package Description
24 Apr 2019 ASA-201904-12 chromium multiple issues
References
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html