CVE-2019-5840 — Race Condition in Google Chrome
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 30.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 27
Latest updateMay 24
Description
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4
Affected Packages5 packages
Also affects: Debian Linux 10.0, Fedora 29, 30
🔴Vulnerability Details
4GHSA▶
GHSA-xw96-xcrg-p8w2: Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75↗2022-05-24
OSV▶
CVE-2019-5840: Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75↗2019-06-27
CVEList▶
CVE-2019-5840: Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75↗2019-06-27
VulnCheck▶
Google Chrome Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')↗2019
📋Vendor Advisories
2💬Community
3Bugzilla▶
CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 chromium: various ↗2019-06-07
Bugzilla▶
CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 chromium: various ↗2019-06-07