Lucene search

[email protected]NVD:CVE-2019-13734

HistoryDec 10, 2019 - 10:15 p.m.

CVE-2019-13734

2019-12-1022:15:13

CWE-787

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Affected configurations

NVD

Node

googlechromeRange<79.0.3945.79

Node

fedoraprojectfedoraMatch30

fedoraprojectfedoraMatch31

Node

redhatopenshift_container_platformMatch3.11

redhatopenshift_container_platformMatch4.2

redhatenterprise_linuxMatch8.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_eusMatch7.7

redhatenterprise_linux_eusMatch8.1

redhatenterprise_linux_eusMatch8.2

redhatenterprise_linux_eusMatch8.4

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch7.7

redhatenterprise_linux_server_ausMatch8.2

redhatenterprise_linux_server_ausMatch8.4

redhatenterprise_linux_server_tusMatch7.7

redhatenterprise_linux_server_tusMatch8.2

redhatenterprise_linux_server_tusMatch8.4

redhatenterprise_linux_workstationMatch6.0

redhatenterprise_linux_workstationMatch7.0

Node

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch16.04esm

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch19.10

Node

susepackage_hubMatch-

AND

suselinux_enterpriseMatch12.0

Node

opensusebackports_sleMatch15.0sp1

Node

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

Node

oraclecommunications_cloud_native_core_network_repository_functionMatch1.14.0

References

lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html

lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html

access.redhat.com/errata/RHSA-2019:4238

access.redhat.com/errata/RHSA-2020:0227

access.redhat.com/errata/RHSA-2020:0229

access.redhat.com/errata/RHSA-2020:0273

access.redhat.com/errata/RHSA-2020:0451

access.redhat.com/errata/RHSA-2020:0463

access.redhat.com/errata/RHSA-2020:0476

chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html

crbug.com/1025466

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/

seclists.org/bugtraq/2020/Jan/27

security.gentoo.org/glsa/202003-08

usn.ubuntu.com/4298-1/

usn.ubuntu.com/4298-2/

www.debian.org/security/2020/dsa-4606

www.oracle.com/security-alerts/cpujan2022.html

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for NVD:CVE-2019-13734