6.5

CVE-2019-13738

Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 79.0.3945.79
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
FedoraprojectFedora Version30
FedoraprojectFedora Version31
RedhatEnterprise Linux Desktop Version6.0 HwPlatformx64
RedhatEnterprise Linux Desktop Version6.0 HwPlatformx86
RedhatEnterprise Linux For Scientific Computing Version6.0 HwPlatformx64
RedhatEnterprise Linux For Scientific Computing Version6.0 HwPlatformx86
RedhatEnterprise Linux Server Version6.0 HwPlatformx64
RedhatEnterprise Linux Server Version6.0 HwPlatformx86
RedhatEnterprise Linux Workstation Version6.0 HwPlatformx64
RedhatEnterprise Linux Workstation Version6.0 HwPlatformx86
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.31% 0.669
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://security.gentoo.org/glsa/202003-08
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html
Broken Link
https://access.redhat.com/errata/RHSA-2019:4238
Third Party Advisory
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/
https://seclists.org/bugtraq/2020/Jan/27
Third Party Advisory
Mailing List
https://www.debian.org/security/2020/dsa-4606
Third Party Advisory
https://crbug.com/1017441
Vendor Advisory
Permissions Required