6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.1 High
AI Score
Confidence
Low
0.685 Medium
EPSS
Percentile
98.0%
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2019-5805 A use-after-free issue was discovered in the pdfium library.
CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library.
CVE-2019-5807 TimGMichaud discovered a memory corruption issue in the v8 JavaScript library.
CVE-2019-5808 cloudfuzzer discovered a use-after-free issue in Blink/Webkit.
CVE-2019-5809 Mark Brand discovered a use-after-free issue in Blink/Webkit.
CVE-2019-5810 Mark Amery discovered an information disclosure issue.
CVE-2019-5811 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.
CVE-2019-5813 Aleksandar Nikolic discovered an out-of-bounds read issue in the v8 JavaScript library.
CVE-2019-5814 @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource Sharing feature.
CVE-2019-5815 Nicolas Gregoire discovered a buffer overflow issue in Blink/Webkit.
CVE-2019-5818 Adrian Tolbaru discovered an uninitialized value issue.
CVE-2019-5819 Svyat Mitin discovered an error in the developer tools.
CVE-2019-5820 pdknsk discovered an integer overflow issue in the pdfium library.
CVE-2019-5821 pdknsk discovered another integer overflow issue in the pdfium library.
CVE-2019-5822 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature.
CVE-2019-5823 David Erceg discovered a navigation error.
CVE-2019-5824 leecraso and Guang Gong discovered an error in the media player.
CVE-2019-5825 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an out-of-bounds write issue in the v8 JavaScript library.
CVE-2019-5826 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a use-after-free issue.
CVE-2019-5827 mlfbrown discovered an out-of-bounds read issue in the sqlite library.
CVE-2019-5828 leecraso and Guang Gong discovered a use-after-free issue.
CVE-2019-5829 Lucas Pinheiro discovered a use-after-free issue.
CVE-2019-5830 Andrew Krashichkov discovered a credential error in the Cross-Origin Resource Sharing feature.
CVE-2019-5831 yngwei discovered a map error in the v8 JavaScript library.
CVE-2019-5832 Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing feature.
CVE-2019-5833 Khalil Zhani discovered a user interface error.
CVE-2019-5834 Khalil Zhani discovered a URL spoofing issue.
CVE-2019-5836 Omair discovered a buffer overflow issue in the Angle library.
CVE-2019-5837 Adam Iawniuk discovered an information disclosure issue.
CVE-2019-5838 David Erceg discovered an error in extension permissions.
CVE-2019-5839 Masato Kinugawa discovered implementation errors in Blink/Webkit.
CVE-2019-5840 Eliya Stein and Jerome Dangu discovered a way to bypass the popup blocker.
CVE-2019-5842 BUGFENSE discovered a use-after-free issue in Blink/Webkit.
CVE-2019-5847 m3plex discovered an error in the v8 JavaScript library.
CVE-2019-5848 Mark Amery discovered an information disclosure issue.
CVE-2019-5849 Zhen Zhou discovered an out-of-bounds read in the Skia library.
CVE-2019-5850 Brendon Tiszka discovered a use-after-free issue in the offline page fetcher.
CVE-2019-5851 Zhe Jin discovered a use-after-poison issue.
CVE-2019-5852 David Erceg discovered an information disclosure issue.
CVE-2019-5853 Yngwei and sakura discovered a memory corruption issue.
CVE-2019-5854 Zhen Zhou discovered an integer overflow issue in the pdfium library.
CVE-2019-5855 Zhen Zhou discovered an integer overflow issue in the pdfium library.
CVE-2019-5856 Yongke Wang discovered an error related to filesystem:
URI permissions.
CVE-2019-5857 cloudfuzzer discovered a way to crash chromium.
CVE-2019-5858 evil1m0 discovered an information disclosure issue.
CVE-2019-5859 James Lee discovered a way to launch alternative browsers.
CVE-2019-5860 A use-after-free issue was discovered in the v8 JavaScript library.
CVE-2019-5861 Robin Linus discovered an error determining click location.
CVE-2019-5862 Jun Kokatsu discovered an error in the AppCache implementation.
CVE-2019-5864 Devin Grindle discovered an error in the Cross-Origin Resourse Sharing feature for extensions.
CVE-2019-5865 Ivan Fratric discovered a way to bypass the site isolation feature.
CVE-2019-5867 Lucas Pinheiro discovered an out-of-bounds read issue in the v8 JavaScript library.
CVE-2019-5868 banananapenguin discovered a use-after-free issue in the v8 JavaScript library.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4500. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('compat.inc');
if (description)
{
script_id(127868);
script_version("1.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/03");
script_cve_id(
"CVE-2019-5805",
"CVE-2019-5806",
"CVE-2019-5807",
"CVE-2019-5808",
"CVE-2019-5809",
"CVE-2019-5810",
"CVE-2019-5811",
"CVE-2019-5813",
"CVE-2019-5814",
"CVE-2019-5815",
"CVE-2019-5818",
"CVE-2019-5819",
"CVE-2019-5820",
"CVE-2019-5821",
"CVE-2019-5822",
"CVE-2019-5823",
"CVE-2019-5824",
"CVE-2019-5825",
"CVE-2019-5826",
"CVE-2019-5827",
"CVE-2019-5828",
"CVE-2019-5829",
"CVE-2019-5830",
"CVE-2019-5831",
"CVE-2019-5832",
"CVE-2019-5833",
"CVE-2019-5834",
"CVE-2019-5836",
"CVE-2019-5837",
"CVE-2019-5838",
"CVE-2019-5839",
"CVE-2019-5840",
"CVE-2019-5842",
"CVE-2019-5847",
"CVE-2019-5848",
"CVE-2019-5849",
"CVE-2019-5850",
"CVE-2019-5851",
"CVE-2019-5852",
"CVE-2019-5853",
"CVE-2019-5854",
"CVE-2019-5855",
"CVE-2019-5856",
"CVE-2019-5857",
"CVE-2019-5858",
"CVE-2019-5859",
"CVE-2019-5860",
"CVE-2019-5861",
"CVE-2019-5862",
"CVE-2019-5864",
"CVE-2019-5865",
"CVE-2019-5867",
"CVE-2019-5868"
);
script_xref(name:"DSA", value:"4500");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/22");
script_name(english:"Debian DSA-4500-1 : chromium - security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security-related update.");
script_set_attribute(attribute:"description", value:
"Several vulnerabilities have been discovered in the chromium web
browser.
- CVE-2019-5805
A use-after-free issue was discovered in the pdfium
library.
- CVE-2019-5806
Wen Xu discovered an integer overflow issue in the Angle
library.
- CVE-2019-5807
TimGMichaud discovered a memory corruption issue in the
v8 JavaScript library.
- CVE-2019-5808
cloudfuzzer discovered a use-after-free issue in
Blink/Webkit.
- CVE-2019-5809
Mark Brand discovered a use-after-free issue in
Blink/Webkit.
- CVE-2019-5810
Mark Amery discovered an information disclosure issue.
- CVE-2019-5811
Jun Kokatsu discovered a way to bypass the Cross-Origin
Resource Sharing feature.
- CVE-2019-5813
Aleksandar Nikolic discovered an out-of-bounds read
issue in the v8 JavaScript library.
- CVE-2019-5814
@AaylaSecura1138 discovered a way to bypass the
Cross-Origin Resource Sharing feature.
- CVE-2019-5815
Nicolas Gregoire discovered a buffer overflow issue in
Blink/Webkit.
- CVE-2019-5818
Adrian Tolbaru discovered an uninitialized value issue.
- CVE-2019-5819
Svyat Mitin discovered an error in the developer tools.
- CVE-2019-5820
pdknsk discovered an integer overflow issue in the
pdfium library.
- CVE-2019-5821
pdknsk discovered another integer overflow issue in the
pdfium library.
- CVE-2019-5822
Jun Kokatsu discovered a way to bypass the Cross-Origin
Resource Sharing feature.
- CVE-2019-5823
David Erceg discovered a navigation error.
- CVE-2019-5824
leecraso and Guang Gong discovered an error in the media
player.
- CVE-2019-5825
Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu
discovered an out-of-bounds write issue in the v8
JavaScript library.
- CVE-2019-5826
Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu
discovered a use-after-free issue.
- CVE-2019-5827
mlfbrown discovered an out-of-bounds read issue in the
sqlite library.
- CVE-2019-5828
leecraso and Guang Gong discovered a use-after-free
issue.
- CVE-2019-5829
Lucas Pinheiro discovered a use-after-free issue.
- CVE-2019-5830
Andrew Krashichkov discovered a credential error in the
Cross-Origin Resource Sharing feature.
- CVE-2019-5831
yngwei discovered a map error in the v8 JavaScript
library.
- CVE-2019-5832
Sergey Shekyan discovered an error in the Cross-Origin
Resource Sharing feature.
- CVE-2019-5833
Khalil Zhani discovered a user interface error.
- CVE-2019-5834
Khalil Zhani discovered a URL spoofing issue.
- CVE-2019-5836
Omair discovered a buffer overflow issue in the Angle
library.
- CVE-2019-5837
Adam Iawniuk discovered an information disclosure issue.
- CVE-2019-5838
David Erceg discovered an error in extension
permissions.
- CVE-2019-5839
Masato Kinugawa discovered implementation errors in
Blink/Webkit.
- CVE-2019-5840
Eliya Stein and Jerome Dangu discovered a way to bypass
the popup blocker.
- CVE-2019-5842
BUGFENSE discovered a use-after-free issue in
Blink/Webkit.
- CVE-2019-5847
m3plex discovered an error in the v8 JavaScript library.
- CVE-2019-5848
Mark Amery discovered an information disclosure issue.
- CVE-2019-5849
Zhen Zhou discovered an out-of-bounds read in the Skia
library.
- CVE-2019-5850
Brendon Tiszka discovered a use-after-free issue in the
offline page fetcher.
- CVE-2019-5851
Zhe Jin discovered a use-after-poison issue.
- CVE-2019-5852
David Erceg discovered an information disclosure issue.
- CVE-2019-5853
Yngwei and sakura discovered a memory corruption issue.
- CVE-2019-5854
Zhen Zhou discovered an integer overflow issue in the
pdfium library.
- CVE-2019-5855
Zhen Zhou discovered an integer overflow issue in the
pdfium library.
- CVE-2019-5856
Yongke Wang discovered an error related to filesystem:
URI permissions.
- CVE-2019-5857
cloudfuzzer discovered a way to crash chromium.
- CVE-2019-5858
evil1m0 discovered an information disclosure issue.
- CVE-2019-5859
James Lee discovered a way to launch alternative
browsers.
- CVE-2019-5860
A use-after-free issue was discovered in the v8
JavaScript library.
- CVE-2019-5861
Robin Linus discovered an error determining click
location.
- CVE-2019-5862
Jun Kokatsu discovered an error in the AppCache
implementation.
- CVE-2019-5864
Devin Grindle discovered an error in the Cross-Origin
Resourse Sharing feature for extensions.
- CVE-2019-5865
Ivan Fratric discovered a way to bypass the site
isolation feature.
- CVE-2019-5867
Lucas Pinheiro discovered an out-of-bounds read issue in
the v8 JavaScript library.
- CVE-2019-5868
banananapenguin discovered a use-after-free issue in the
v8 JavaScript library.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5805");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5806");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5807");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5808");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5809");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5810");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5811");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5813");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5814");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5815");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5818");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5819");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5820");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5821");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5822");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5823");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5824");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5825");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5826");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5827");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5828");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5829");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5830");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5831");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5832");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5833");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5834");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5836");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5837");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5838");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5839");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5840");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5842");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5847");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5848");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5849");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5850");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5851");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5852");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5853");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5854");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5855");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5856");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5857");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5858");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5859");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5860");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5861");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5862");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5864");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5865");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5867");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-5868");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/chromium");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/chromium");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2019/dsa-4500");
script_set_attribute(attribute:"solution", value:
"Upgrade the chromium packages.
For the stable distribution (buster), these problems have been fixed
in version 76.0.3809.100-1~deb10u1.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5859");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-5850");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Google Chrome 72 and 73 Array.map exploit');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/27");
script_set_attribute(attribute:"patch_publication_date", value:"2019/08/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:chromium");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"10.0", prefix:"chromium", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-common", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-driver", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-l10n", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-sandbox", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"chromium-shell", reference:"76.0.3809.100-1~deb10u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | chromium | p-cpe:/a:debian:debian_linux:chromium |
debian | debian_linux | 10.0 | cpe:/o:debian:debian_linux:10.0 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868
packages.debian.org/source/buster/chromium
security-tracker.debian.org/tracker/CVE-2019-5805
security-tracker.debian.org/tracker/CVE-2019-5806
security-tracker.debian.org/tracker/CVE-2019-5807
security-tracker.debian.org/tracker/CVE-2019-5808
security-tracker.debian.org/tracker/CVE-2019-5809
security-tracker.debian.org/tracker/CVE-2019-5810
security-tracker.debian.org/tracker/CVE-2019-5811
security-tracker.debian.org/tracker/CVE-2019-5813
security-tracker.debian.org/tracker/CVE-2019-5814
security-tracker.debian.org/tracker/CVE-2019-5815
security-tracker.debian.org/tracker/CVE-2019-5818
security-tracker.debian.org/tracker/CVE-2019-5819
security-tracker.debian.org/tracker/CVE-2019-5820
security-tracker.debian.org/tracker/CVE-2019-5821
security-tracker.debian.org/tracker/CVE-2019-5822
security-tracker.debian.org/tracker/CVE-2019-5823
security-tracker.debian.org/tracker/CVE-2019-5824
security-tracker.debian.org/tracker/CVE-2019-5825
security-tracker.debian.org/tracker/CVE-2019-5826
security-tracker.debian.org/tracker/CVE-2019-5827
security-tracker.debian.org/tracker/CVE-2019-5828
security-tracker.debian.org/tracker/CVE-2019-5829
security-tracker.debian.org/tracker/CVE-2019-5830
security-tracker.debian.org/tracker/CVE-2019-5831
security-tracker.debian.org/tracker/CVE-2019-5832
security-tracker.debian.org/tracker/CVE-2019-5833
security-tracker.debian.org/tracker/CVE-2019-5834
security-tracker.debian.org/tracker/CVE-2019-5836
security-tracker.debian.org/tracker/CVE-2019-5837
security-tracker.debian.org/tracker/CVE-2019-5838
security-tracker.debian.org/tracker/CVE-2019-5839
security-tracker.debian.org/tracker/CVE-2019-5840
security-tracker.debian.org/tracker/CVE-2019-5842
security-tracker.debian.org/tracker/CVE-2019-5847
security-tracker.debian.org/tracker/CVE-2019-5848
security-tracker.debian.org/tracker/CVE-2019-5849
security-tracker.debian.org/tracker/CVE-2019-5850
security-tracker.debian.org/tracker/CVE-2019-5851
security-tracker.debian.org/tracker/CVE-2019-5852
security-tracker.debian.org/tracker/CVE-2019-5853
security-tracker.debian.org/tracker/CVE-2019-5854
security-tracker.debian.org/tracker/CVE-2019-5855
security-tracker.debian.org/tracker/CVE-2019-5856
security-tracker.debian.org/tracker/CVE-2019-5857
security-tracker.debian.org/tracker/CVE-2019-5858
security-tracker.debian.org/tracker/CVE-2019-5859
security-tracker.debian.org/tracker/CVE-2019-5860
security-tracker.debian.org/tracker/CVE-2019-5861
security-tracker.debian.org/tracker/CVE-2019-5862
security-tracker.debian.org/tracker/CVE-2019-5864
security-tracker.debian.org/tracker/CVE-2019-5865
security-tracker.debian.org/tracker/CVE-2019-5867
security-tracker.debian.org/tracker/CVE-2019-5868
security-tracker.debian.org/tracker/source-package/chromium
www.debian.org/security/2019/dsa-4500
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.1 High
AI Score
Confidence
Low
0.685 Medium
EPSS
Percentile
98.0%