CVE-2019-13672 — Google Chrome vulnerability

4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 51.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Chromium Debian Chromium

Timeline

PublishedDec 10

Latest updateMay 24

Description

Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page on iOS.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5google/chromeunspecified — 77.0.3865.75

▶NVDgoogle/chrome< 77.0.3865.75

▶debiandebian/chromium< chromium 78.0.3904.87-1 (bookworm)

▶Debianchromium/chromium< 78.0.3904.87-1+3

🔴Vulnerability Details

GHSA

GHSA-7r95-hg48-mx3r: Incorrect security UI in Omnibox in Google Chrome prior to 77↗2022-05-24

▶

OSV

CVE-2019-13672: Incorrect security UI in Omnibox in Google Chrome prior to 77↗2019-12-10

▶

📋Vendor Advisories

Debian

CVE-2019-13672: chromium - Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed ...↗2019

▶