Action not permitted
Modal body text goes here.
cve-2019-13751
Vulnerability from cvelistv5
Published
2019-12-10 21:01
Modified
2024-08-05 00:05
Severity ?
EPSS score ?
Summary
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:05:43.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://crbug.com/1025465" }, { "name": "RHSA-2019:4238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4298-2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Chrome", "vendor": "Google", "versions": [ { "lessThan": "79.0.3945.79", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." } ], "problemTypes": [ { "descriptions": [ { "description": "Uninitialized Use", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-06T18:06:13", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://crbug.com/1025465" }, { "name": "RHSA-2019:4238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4298-2/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2019-13751", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Chrome", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "79.0.3945.79" } ] } } ] }, "vendor_name": "Google" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Uninitialized Use" } ] } ] }, "references": { "reference_data": [ { "name": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "name": "https://crbug.com/1025465", "refsource": "MISC", "url": "https://crbug.com/1025465" }, { "name": "RHSA-2019:4238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4298-2/" } ] } } } }, "cveMetadata": { "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2019-13751", "datePublished": "2019-12-10T21:01:52", "dateReserved": "2019-07-18T00:00:00", "dateUpdated": "2024-08-05T00:05:43.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-13751\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2019-12-10T22:15:14.887\",\"lastModified\":\"2024-11-21T04:25:38.923\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\"},{\"lang\":\"es\",\"value\":\"Datos no inicializados en SQLite en Google Chrome versiones anteriores a la versi\u00f3n 79.0.3945.79, permiti\u00f3 a un atacante remoto conseguir informaci\u00f3n potencialmente confidencial desde la memoria del proceso por medio de una p\u00e1gina HTML especialmente dise\u00f1ada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"79.0.3945.79\",\"matchCriteriaId\":\"D3900404-81EC-4968-BD74-1630F385643D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"EB779E2B-B0A9-41F4-9000-4BAB848E7677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"142A2E7B-9B0D-4335-8C92-FC9A6381DC8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"6194D474-EEEA-41FD-8FE8-090A9C10BDBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"1C493BF1-8890-4A3A-A207-FA5273259F61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"F4C70C61-4DE2-49BE-81EA-9BCAC6F31C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"61F3999C-19F8-4723-8AC9-687FEFF27BD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"5F492BA1-72AD-4302-985E-EB2E465FC22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"BD58D619-D524-4690-85E4-ECE3B984D4B1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:4238\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1025465\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://seclists.org/bugtraq/2020/Jan/27\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-08\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-1/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-2/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4606\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:4238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1025465\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2020/Jan/27\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4606\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2021_4396
Vulnerability from csaf_redhat
Published
2021-11-09 17:55
Modified
2024-11-22 16:56
Summary
Red Hat Security Advisory: sqlite security update
Notes
Topic
An update for sqlite is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.
Security Fix(es):
* sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces (CVE-2019-5827)
* sqlite: dropping of shadow tables not restricted in defensive mode (CVE-2019-13750)
* sqlite: fts3: improve detection of corrupted records (CVE-2019-13751)
* sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS (CVE-2019-19603)
* sqlite: NULL pointer dereference in sqlite3ExprCodeTarget() (CVE-2020-13435)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for sqlite is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.\n\nSecurity Fix(es):\n\n* sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces (CVE-2019-5827)\n\n* sqlite: dropping of shadow tables not restricted in defensive mode (CVE-2019-13750)\n\n* sqlite: fts3: improve detection of corrupted records (CVE-2019-13751)\n\n* sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS (CVE-2019-19603)\n\n* sqlite: NULL pointer dereference in sqlite3ExprCodeTarget() (CVE-2020-13435)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:4396", "url": "https://access.redhat.com/errata/RHSA-2021:4396" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/" }, { "category": "external", "summary": "1706805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706805" }, { "category": "external", "summary": "1781997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781997" }, { "category": "external", "summary": "1781998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781998" }, { "category": "external", "summary": "1785318", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785318" }, { "category": "external", "summary": "1841231", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841231" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4396.json" } ], "title": "Red Hat Security Advisory: sqlite security update", "tracking": { "current_release_date": "2024-11-22T16:56:04+00:00", "generator": { "date": "2024-11-22T16:56:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:4396", "initial_release_date": "2021-11-09T17:55:58+00:00", "revision_history": [ { "date": "2021-11-09T17:55:58+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-11-09T17:55:58+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T16:56:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-15.el8.ppc64le", "product": { "name": "lemon-0:3.26.0-15.el8.ppc64le", "product_id": "lemon-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "product": { "name": "lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "product_id": "lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-devel-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-devel-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-15.el8.ppc64le", "product": { "name": "sqlite-libs-0:3.26.0-15.el8.ppc64le", "product_id": "sqlite-libs-0:3.26.0-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-15.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-15.el8.x86_64", "product": { "name": "lemon-0:3.26.0-15.el8.x86_64", "product_id": "lemon-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-debugsource-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-debugsource-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-15.el8.x86_64", "product": { "name": "lemon-debuginfo-0:3.26.0-15.el8.x86_64", "product_id": "lemon-debuginfo-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-devel-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-devel-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-15.el8.x86_64", "product": { "name": "sqlite-libs-0:3.26.0-15.el8.x86_64", "product_id": "sqlite-libs-0:3.26.0-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-15.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-15.el8.s390x", "product": { "name": "lemon-0:3.26.0-15.el8.s390x", "product_id": "lemon-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-debugsource-0:3.26.0-15.el8.s390x", "product_id": "sqlite-debugsource-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-15.el8.s390x", "product": { "name": "lemon-debuginfo-0:3.26.0-15.el8.s390x", "product_id": "lemon-debuginfo-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.s390x", "product_id": "sqlite-debuginfo-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "product_id": "sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-0:3.26.0-15.el8.s390x", "product_id": "sqlite-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-devel-0:3.26.0-15.el8.s390x", "product_id": "sqlite-devel-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-15.el8.s390x", "product": { "name": "sqlite-libs-0:3.26.0-15.el8.s390x", "product_id": "sqlite-libs-0:3.26.0-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-15.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-15.el8.aarch64", "product": { "name": "lemon-0:3.26.0-15.el8.aarch64", "product_id": "lemon-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-debugsource-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-debugsource-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-15.el8.aarch64", "product": { "name": "lemon-debuginfo-0:3.26.0-15.el8.aarch64", "product_id": "lemon-debuginfo-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-devel-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-devel-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-15.el8.aarch64", "product": { "name": "sqlite-libs-0:3.26.0-15.el8.aarch64", "product_id": "sqlite-libs-0:3.26.0-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-15.el8?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "sqlite-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-0:3.26.0-15.el8.i686", "product_id": "sqlite-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-devel-0:3.26.0-15.el8.i686", "product_id": "sqlite-devel-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-libs-0:3.26.0-15.el8.i686", "product_id": "sqlite-libs-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-debugsource-0:3.26.0-15.el8.i686", "product_id": "sqlite-debugsource-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-15.el8.i686", "product": { "name": "lemon-debuginfo-0:3.26.0-15.el8.i686", "product_id": "lemon-debuginfo-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.i686", "product_id": "sqlite-debuginfo-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "product_id": "sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-15.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-15.el8?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "sqlite-0:3.26.0-15.el8.src", "product": { "name": "sqlite-0:3.26.0-15.el8.src", "product_id": "sqlite-0:3.26.0-15.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-15.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "sqlite-doc-0:3.26.0-15.el8.noarch", "product": { "name": "sqlite-doc-0:3.26.0-15.el8.noarch", "product_id": "sqlite-doc-0:3.26.0-15.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-doc@3.26.0-15.el8?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64" }, "product_reference": "lemon-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le" }, "product_reference": "lemon-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x" }, "product_reference": "lemon-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64" }, "product_reference": "lemon-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src" }, "product_reference": "sqlite-0:3.26.0-15.el8.src", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-doc-0:3.26.0-15.el8.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch" }, "product_reference": "sqlite-doc-0:3.26.0-15.el8.noarch", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64" }, "product_reference": "lemon-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le" }, "product_reference": "lemon-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x" }, "product_reference": "lemon-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64" }, "product_reference": "lemon-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "lemon-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src" }, "product_reference": "sqlite-0:3.26.0-15.el8.src", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-debugsource-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-devel-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-doc-0:3.26.0-15.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch" }, "product_reference": "sqlite-doc-0:3.26.0-15.el8.noarch", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-libs-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "relates_to_product_reference": "BaseOS-8.5.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "relates_to_product_reference": "BaseOS-8.5.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-5827", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1706805" } ], "notes": [ { "category": "description", "text": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is not remotely exploitable for sqlite package shipped with Red Hat Enterprise Linux therefore it is rated as having moderate impact for sqlite.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5827" }, { "category": "external", "summary": "RHBZ#1706805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706805" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5827", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5827" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5827", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5827" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", "url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html" } ], "release_date": "2019-04-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:55:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4396" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces" }, { "cve": "CVE-2019-13750", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781997" } ], "notes": [ { "category": "description", "text": "Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: dropping of shadow tables not restricted in defensive mode", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13750" }, { "category": "external", "summary": "RHBZ#1781997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781997" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13750", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13750" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:55:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4396" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: dropping of shadow tables not restricted in defensive mode" }, { "cve": "CVE-2019-13751", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781998" } ], "notes": [ { "category": "description", "text": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve detection of corrupted records", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13751" }, { "category": "external", "summary": "RHBZ#1781998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781998" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13751", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13751" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:55:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4396" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: improve detection of corrupted records" }, { "cve": "CVE-2019-19603", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-12-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1785318" } ], "notes": [ { "category": "description", "text": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19603" }, { "category": "external", "summary": "RHBZ#1785318", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785318" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19603", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19603" } ], "release_date": "2019-12-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:55:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4396" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS" }, { "cve": "CVE-2020-13435", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2020-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1841231" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in SQLite when rewriting select statements for window functions. This flaw allows an attacker who can execute SQL statements, to crash the application, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: NULL pointer dereference in sqlite3ExprCodeTarget()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-13435" }, { "category": "external", "summary": "RHBZ#1841231", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841231" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13435", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13435", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13435" } ], "release_date": "2020-05-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-09T17:55:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4396" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "AppStream-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "AppStream-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:lemon-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.src", "BaseOS-8.5.0.GA:sqlite-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-debugsource-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-devel-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-doc-0:3.26.0-15.el8.noarch", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-libs-debuginfo-0:3.26.0-15.el8.x86_64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.aarch64", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.i686", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.ppc64le", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.s390x", "BaseOS-8.5.0.GA:sqlite-tcl-debuginfo-0:3.26.0-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: NULL pointer dereference in sqlite3ExprCodeTarget()" } ] }
rhsa-2019_4238
Vulnerability from csaf_redhat
Published
2019-12-16 09:09
Modified
2024-11-15 04:13
Summary
Red Hat Security Advisory: chromium-browser security update
Notes
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 79.0.3945.79.
Security Fix(es):
* chromium-browser: Use after free in Bluetooth (CVE-2019-13725)
* chromium-browser: Heap buffer overflow in password manager (CVE-2019-13726)
* chromium-browser: Insufficient policy enforcement in WebSockets (CVE-2019-13727)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13728)
* chromium-browser: Use after free in WebSockets (CVE-2019-13729)
* chromium-browser: Type Confusion in V8 (CVE-2019-13730)
* chromium-browser: Use after free in WebAudio (CVE-2019-13732)
* chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13735)
* chromium-browser: Type Confusion in V8 (CVE-2019-13764)
* chromium-browser: Integer overflow in PDFium (CVE-2019-13736)
* chromium-browser: Insufficient policy enforcement in autocomplete (CVE-2019-13737)
* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13738)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)
* chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)
* chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-13741)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)
* chromium-browser: Incorrect security UI in external protocol handling (CVE-2019-13743)
* chromium-browser: Insufficient policy enforcement in cookies (CVE-2019-13744)
* chromium-browser: Insufficient policy enforcement in audio (CVE-2019-13745)
* chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-13746)
* chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2019-13748)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)
* chromium-browser: Insufficient data validation in SQLite (CVE-2019-13750)
* chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)
* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13754)
* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13755)
* chromium-browser: Incorrect security UI in printing (CVE-2019-13756)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)
* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13758)
* chromium-browser: Incorrect security UI in interstitials (CVE-2019-13759)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)
* chromium-browser: Insufficient policy enforcement in downloads (CVE-2019-13762)
* chromium-browser: Insufficient policy enforcement in payments (CVE-2019-13763)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 79.0.3945.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in Bluetooth (CVE-2019-13725)\n\n* chromium-browser: Heap buffer overflow in password manager (CVE-2019-13726)\n\n* chromium-browser: Insufficient policy enforcement in WebSockets (CVE-2019-13727)\n\n* chromium-browser: Out of bounds write in V8 (CVE-2019-13728)\n\n* chromium-browser: Use after free in WebSockets (CVE-2019-13729)\n\n* chromium-browser: Type Confusion in V8 (CVE-2019-13730)\n\n* chromium-browser: Use after free in WebAudio (CVE-2019-13732)\n\n* chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)\n\n* chromium-browser: Out of bounds write in V8 (CVE-2019-13735)\n\n* chromium-browser: Type Confusion in V8 (CVE-2019-13764)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-13736)\n\n* chromium-browser: Insufficient policy enforcement in autocomplete (CVE-2019-13737)\n\n* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13738)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)\n\n* chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)\n\n* chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-13741)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)\n\n* chromium-browser: Incorrect security UI in external protocol handling (CVE-2019-13743)\n\n* chromium-browser: Insufficient policy enforcement in cookies (CVE-2019-13744)\n\n* chromium-browser: Insufficient policy enforcement in audio (CVE-2019-13745)\n\n* chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-13746)\n\n* chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)\n\n* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2019-13748)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)\n\n* chromium-browser: Insufficient data validation in SQLite (CVE-2019-13750)\n\n* chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)\n\n* chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)\n\n* chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)\n\n* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13754)\n\n* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13755)\n\n* chromium-browser: Incorrect security UI in printing (CVE-2019-13756)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)\n\n* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13758)\n\n* chromium-browser: Incorrect security UI in interstitials (CVE-2019-13759)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)\n\n* chromium-browser: Insufficient policy enforcement in downloads (CVE-2019-13762)\n\n* chromium-browser: Insufficient policy enforcement in payments (CVE-2019-13763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:4238", "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "1781973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781973" }, { "category": "external", "summary": "1781974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781974" }, { "category": "external", "summary": "1781975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781975" }, { "category": "external", "summary": "1781976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781976" }, { "category": "external", "summary": "1781977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781977" }, { "category": "external", "summary": "1781978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781978" }, { "category": "external", "summary": "1781979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781979" }, { "category": "external", "summary": "1781980", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781980" }, { "category": "external", "summary": "1781981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781981" }, { "category": "external", "summary": "1781982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781982" }, { "category": "external", "summary": "1781983", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781983" }, { "category": "external", "summary": "1781984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781984" }, { "category": "external", "summary": "1781985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781985" }, { "category": "external", "summary": "1781986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781986" }, { "category": "external", "summary": "1781987", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781987" }, { "category": "external", "summary": "1781988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781988" }, { "category": "external", "summary": "1781989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781989" }, { "category": "external", "summary": "1781990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781990" }, { "category": "external", "summary": "1781991", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781991" }, { "category": "external", "summary": "1781992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781992" }, { "category": "external", "summary": "1781993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781993" }, { "category": "external", "summary": "1781994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781994" }, { "category": "external", "summary": "1781995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781995" }, { "category": "external", "summary": "1781997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781997" }, { "category": "external", "summary": "1781998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781998" }, { "category": "external", "summary": "1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "1782001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782001" }, { "category": "external", "summary": "1782002", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782002" }, { "category": "external", "summary": "1782003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782003" }, { "category": "external", "summary": "1782004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782004" }, { "category": "external", "summary": "1782005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782005" }, { "category": "external", "summary": "1782006", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782006" }, { "category": "external", "summary": "1782007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782007" }, { "category": "external", "summary": "1782008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782008" }, { "category": "external", "summary": "1782017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782017" }, { "category": "external", "summary": "1782021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782021" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_4238.json" } ], "title": "Red Hat Security Advisory: chromium-browser security update", "tracking": { "current_release_date": "2024-11-15T04:13:35+00:00", "generator": { "date": "2024-11-15T04:13:35+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:4238", "initial_release_date": "2019-12-16T09:09:31+00:00", "revision_history": [ { "date": "2019-12-16T09:09:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-12-16T09:09:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:13:35+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product_id": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser@79.0.3945.79-1.el6_10?arch=i686" } } }, { "category": "product_version", "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product_id": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@79.0.3945.79-1.el6_10?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product_id": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser@79.0.3945.79-1.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product_id": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@79.0.3945.79-1.el6_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13725", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781973" } ], "notes": [ { "category": "description", "text": "Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in Bluetooth", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13725" }, { "category": "external", "summary": "RHBZ#1781973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781973" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13725", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13725" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "chromium-browser: Use after free in Bluetooth" }, { "cve": "CVE-2019-13726", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781974" } ], "notes": [ { "category": "description", "text": "Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Heap buffer overflow in password manager", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13726" }, { "category": "external", "summary": "RHBZ#1781974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781974" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13726", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13726" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13726", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13726" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "chromium-browser: Heap buffer overflow in password manager" }, { "cve": "CVE-2019-13727", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781975" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in WebSockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13727" }, { "category": "external", "summary": "RHBZ#1781975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781975" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13727", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13727" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13727", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13727" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Insufficient policy enforcement in WebSockets" }, { "cve": "CVE-2019-13728", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781976" } ], "notes": [ { "category": "description", "text": "Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Out of bounds write in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13728" }, { "category": "external", "summary": "RHBZ#1781976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781976" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13728", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13728" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13728", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13728" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Out of bounds write in V8" }, { "cve": "CVE-2019-13729", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781977" } ], "notes": [ { "category": "description", "text": "Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in WebSockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13729" }, { "category": "external", "summary": "RHBZ#1781977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781977" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13729", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13729" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13729", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13729" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Use after free in WebSockets" }, { "cve": "CVE-2019-13730", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781978" } ], "notes": [ { "category": "description", "text": "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Type Confusion in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13730" }, { "category": "external", "summary": "RHBZ#1781978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781978" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13730", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13730" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Type Confusion in V8" }, { "cve": "CVE-2019-13732", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781979" } ], "notes": [ { "category": "description", "text": "Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in WebAudio", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13732" }, { "category": "external", "summary": "RHBZ#1781979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781979" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13732", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13732" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13732", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13732" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Use after free in WebAudio" }, { "cve": "CVE-2019-13734", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781980" } ], "notes": [ { "category": "description", "text": "Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve shadow table corruption detection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13734" }, { "category": "external", "summary": "RHBZ#1781980", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781980" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13734", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13734" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "sqlite: fts3: improve shadow table corruption detection" }, { "cve": "CVE-2019-13735", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781981" } ], "notes": [ { "category": "description", "text": "Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Out of bounds write in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13735" }, { "category": "external", "summary": "RHBZ#1781981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781981" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13735", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13735" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Out of bounds write in V8" }, { "cve": "CVE-2019-13736", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781983" } ], "notes": [ { "category": "description", "text": "Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Integer overflow in PDFium", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13736" }, { "category": "external", "summary": "RHBZ#1781983", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781983" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13736", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13736" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13736", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13736" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Integer overflow in PDFium" }, { "cve": "CVE-2019-13737", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781984" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in autocomplete", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13737" }, { "category": "external", "summary": "RHBZ#1781984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13737", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13737" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13737", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13737" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in autocomplete" }, { "cve": "CVE-2019-13738", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781985" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in navigation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13738" }, { "category": "external", "summary": "RHBZ#1781985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781985" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13738", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13738" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13738", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13738" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in navigation" }, { "cve": "CVE-2019-13739", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781986" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13739" }, { "category": "external", "summary": "RHBZ#1781986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781986" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13739", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13739" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13740", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781987" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in sharing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13740" }, { "category": "external", "summary": "RHBZ#1781987", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781987" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13740", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13740" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13740", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13740" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in sharing" }, { "cve": "CVE-2019-13741", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781988" } ], "notes": [ { "category": "description", "text": "Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient validation of untrusted input in Blink", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13741" }, { "category": "external", "summary": "RHBZ#1781988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13741", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13741" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13741", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13741" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient validation of untrusted input in Blink" }, { "cve": "CVE-2019-13742", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781989" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13742" }, { "category": "external", "summary": "RHBZ#1781989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781989" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13742", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13742" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13742", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13742" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13743", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781990" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in external protocol handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13743" }, { "category": "external", "summary": "RHBZ#1781990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781990" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13743", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13743" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in external protocol handling" }, { "cve": "CVE-2019-13744", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782021" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in cookies", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13744" }, { "category": "external", "summary": "RHBZ#1782021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782021" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13744", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13744" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13744", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13744" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in cookies" }, { "cve": "CVE-2019-13745", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781991" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in audio", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13745" }, { "category": "external", "summary": "RHBZ#1781991", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781991" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13745", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13745" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13745", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13745" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in audio" }, { "cve": "CVE-2019-13746", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781992" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13746" }, { "category": "external", "summary": "RHBZ#1781992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781992" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13746", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13746" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13746", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13746" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in Omnibox" }, { "cve": "CVE-2019-13747", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781993" } ], "notes": [ { "category": "description", "text": "Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Uninitialized Use in rendering", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13747" }, { "category": "external", "summary": "RHBZ#1781993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781993" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13747", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13747" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13747", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13747" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Uninitialized Use in rendering" }, { "cve": "CVE-2019-13748", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781994" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in developer tools", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13748" }, { "category": "external", "summary": "RHBZ#1781994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781994" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13748", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13748" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13748", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13748" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in developer tools" }, { "cve": "CVE-2019-13749", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781995" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13749" }, { "category": "external", "summary": "RHBZ#1781995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781995" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13749", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13749" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13750", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781997" } ], "notes": [ { "category": "description", "text": "Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: dropping of shadow tables not restricted in defensive mode", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13750" }, { "category": "external", "summary": "RHBZ#1781997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781997" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13750", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13750" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: dropping of shadow tables not restricted in defensive mode" }, { "cve": "CVE-2019-13751", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781998" } ], "notes": [ { "category": "description", "text": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve detection of corrupted records", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13751" }, { "category": "external", "summary": "RHBZ#1781998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781998" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13751", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13751" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: improve detection of corrupted records" }, { "cve": "CVE-2019-13752", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781999" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve shadow table corruption detection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13752" }, { "category": "external", "summary": "RHBZ#1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13752", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: improve shadow table corruption detection" }, { "cve": "CVE-2019-13753", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782000" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: incorrectly removed corruption check", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13753" }, { "category": "external", "summary": "RHBZ#1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13753", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13753" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: incorrectly removed corruption check" }, { "cve": "CVE-2019-13754", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782001" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in extensions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13754" }, { "category": "external", "summary": "RHBZ#1782001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782001" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13754", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13754" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13754", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13754" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in extensions" }, { "cve": "CVE-2019-13755", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782002" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in extensions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13755" }, { "category": "external", "summary": "RHBZ#1782002", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782002" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13755", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13755" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13755", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13755" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in extensions" }, { "cve": "CVE-2019-13756", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782003" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in printing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13756" }, { "category": "external", "summary": "RHBZ#1782003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782003" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13756", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13756" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13756", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13756" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in printing" }, { "cve": "CVE-2019-13757", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782004" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13757" }, { "category": "external", "summary": "RHBZ#1782004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13757", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13757" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13757", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13757" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13758", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782017" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in navigation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13758" }, { "category": "external", "summary": "RHBZ#1782017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782017" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13758", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13758" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13758", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13758" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in navigation" }, { "cve": "CVE-2019-13759", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782005" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in interstitials", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13759" }, { "category": "external", "summary": "RHBZ#1782005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782005" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13759", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13759" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13759", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13759" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in interstitials" }, { "cve": "CVE-2019-13761", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782006" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13761" }, { "category": "external", "summary": "RHBZ#1782006", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782006" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13761", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13761" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13761", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13761" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13762", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782007" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in downloads", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13762" }, { "category": "external", "summary": "RHBZ#1782007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782007" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13762", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13762" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13762", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13762" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in downloads" }, { "cve": "CVE-2019-13763", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782008" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in payments", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13763" }, { "category": "external", "summary": "RHBZ#1782008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782008" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13763", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13763" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13763", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13763" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in payments" }, { "cve": "CVE-2019-13764", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781982" } ], "notes": [ { "category": "description", "text": "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Type Confusion in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13764" }, { "category": "external", "summary": "RHBZ#1781982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781982" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13764", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13764" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13764", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13764" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Type Confusion in V8" } ] }
gsd-2019-13751
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2019-13751", "description": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "id": "GSD-2019-13751", "references": [ "https://www.suse.com/security/cve/CVE-2019-13751.html", "https://www.debian.org/security/2020/dsa-4606", "https://access.redhat.com/errata/RHSA-2021:4396", "https://access.redhat.com/errata/RHSA-2019:4238", "https://ubuntu.com/security/CVE-2019-13751", "https://advisories.mageia.org/CVE-2019-13751.html", "https://security.archlinux.org/CVE-2019-13751", "https://linux.oracle.com/cve/CVE-2019-13751.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-13751" ], "details": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "id": "GSD-2019-13751", "modified": "2023-12-13T01:23:41.582393Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2019-13751", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Chrome", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "79.0.3945.79" } ] } } ] }, "vendor_name": "Google" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Uninitialized Use" } ] } ] }, "references": { "reference_data": [ { "name": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "name": "https://crbug.com/1025465", "refsource": "MISC", "url": "https://crbug.com/1025465" }, { "name": "RHSA-2019:4238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4298-2/" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "79.0.3945.79", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x86:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x86:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x86:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x86:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2019-13751" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-908" } ] } ] }, "references": { "reference_data": [ { "name": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "name": "https://crbug.com/1025465", "refsource": "MISC", "tags": [ "Permissions Required" ], "url": "https://crbug.com/1025465" }, { "name": "RHSA-2019:4238", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "refsource": "SUSE", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "refsource": "SUSE", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "refsource": "BUGTRAQ", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4298-2/" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } }, "lastModifiedDate": "2023-02-10T18:47Z", "publishedDate": "2019-12-10T22:15Z" } } }
ghsa-gv24-94g5-m65w
Vulnerability from github
Published
2022-05-24 17:03
Modified
2023-02-10 21:30
Severity ?
Details
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
{ "affected": [], "aliases": [ "CVE-2019-13751" ], "database_specific": { "cwe_ids": [ "CWE-908" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2019-12-10T22:15:00Z", "severity": "MODERATE" }, "details": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "id": "GHSA-gv24-94g5-m65w", "modified": "2023-02-10T21:30:34Z", "published": "2022-05-24T17:03:01Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13751" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "type": "WEB", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "type": "WEB", "url": "https://crbug.com/1025465" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK" }, { "type": "WEB", "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202003-08" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4298-1" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4298-2" }, { "type": "WEB", "url": "https://www.debian.org/security/2020/dsa-4606" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.