Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-06-27 | CVE-2019-5837 | Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports, Leap | 6.5 | ||
| 2019-06-27 | CVE-2019-5838 | Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension. | Debian_linux, Fedora, Chrome, Backports, Leap | 4.3 | ||
| 2019-06-27 | CVE-2019-5839 | Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL. | Debian_linux, Fedora, Chrome, Backports, Leap | 4.3 | ||
| 2019-06-27 | CVE-2019-5840 | Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports, Leap | 4.3 | ||
| 2019-06-29 | CVE-2019-13038 | mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL. | Ubuntu_linux, Fedora, Mod_auth_mellon, Zfs_storage_appliance_kit | 6.1 | ||
| 2019-06-29 | CVE-2019-13050 | Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack. | Traffix_signaling_delivery_controller, Fedora, Gnupg, Leap, Sks_keyserver | 7.5 | ||
| 2019-06-30 | CVE-2019-13107 | Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c | Fedora, Matio | 9.8 | ||
| 2019-06-30 | CVE-2019-13108 | An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. | Exiv2, Fedora | 6.5 | ||
| 2019-06-30 | CVE-2019-13109 | An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction. | Exiv2, Fedora | 6.5 | ||
| 2019-06-30 | CVE-2019-13110 | A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file. | Ubuntu_linux, Debian_linux, Exiv2, Fedora | 6.5 |