CVE-2019-13758Google Chrome vulnerability

10 documents8 sources
Severity
4.3MEDIUMNVD
EPSS
1.0%
top 22.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Google ChromeChromiumDebian Linux+5 more
Timeline
PublishedDec 10
Latest updateMay 24

Description

Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages6 packages

CVEListV5google/chromeunspecified79.0.3945.79
NVDgoogle/chrome< 79.0.3945.79
Debianchromium/chromium< 79.0.3945.79-1+3

Also affects: Debian Linux 10.0, 9.0, Fedora 30, 31, Enterprise Linux 6.0

🔴Vulnerability Details

3
GHSA
GHSA-hcww-4rfx-j8fg: Insufficient policy enforcement in navigation in Google Chrome on Android prior to 792022-05-24
CVEList
CVE-2019-13758: Insufficient policy enforcement in navigation in Google Chrome on Android prior to 792019-12-10
OSV
CVE-2019-13758: Insufficient policy enforcement in navigation in Google Chrome on Android prior to 792019-12-10

📋Vendor Advisories

3
Red Hat
chromium-browser: Insufficient policy enforcement in navigation2019-12-10
Chrome
Stable Channel Update for Desktop: CVE-2019-137572019-12-10
Debian
CVE-2019-13758: chromium - Insufficient policy enforcement in navigation in Google Chrome on Android prior ...2019

💬Community

3
Bugzilla
CVE-2019-13758 chromium: chromium-browser: Insufficient policy enforcement in navigation [epel-7]2019-12-11
Bugzilla
CVE-2019-13758 chromium-browser: Insufficient policy enforcement in navigation2019-12-11
Bugzilla
CVE-2019-13758 chromium: chromium-browser: Insufficient policy enforcement in navigation [fedora-all]2019-12-11
CVE-2019-13758 — Google Chrome vulnerability | cvebase