| Bug | stretch | buster | bullseye | sid | Description |
|---|
| CVE-2019-5868 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5867 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5865 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5864 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5862 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5861 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5860 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5859 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5858 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5857 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5856 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5855 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5854 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5853 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5852 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5851 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5850 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5848 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5847 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5842 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5840 | vulnerable | fixed | fixed | fixed | Incorrect security UI in popup blocker in Google Chrome on iOS prior t ... |
| CVE-2019-5839 | vulnerable | fixed | fixed | fixed | Excessive data validation in URL parser in Google Chrome prior to 75.0 ... |
| CVE-2019-5838 | vulnerable | fixed | fixed | fixed | Insufficient policy enforcement in extensions API in Google Chrome pri ... |
| CVE-2019-5837 | vulnerable | fixed | fixed | fixed | Resource size information leakage in Blink in Google Chrome prior to 7 ... |
| CVE-2019-5836 | vulnerable | fixed | fixed | fixed | Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 a ... |
| CVE-2019-5835 | vulnerable | fixed | fixed | fixed | Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3 ... |
| CVE-2019-5833 | vulnerable | fixed | fixed | fixed | Incorrect dialog box scoping in browser in Google Chrome on Android pr ... |
| CVE-2019-5832 | vulnerable | fixed | fixed | fixed | Insufficient policy enforcement in XMLHttpRequest in Google Chrome pri ... |
| CVE-2019-5831 | vulnerable | fixed | fixed | fixed | Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 al ... |
| CVE-2019-5830 | vulnerable | fixed | fixed | fixed | Insufficient policy enforcement in CORS in Google Chrome prior to 75.0 ... |
| CVE-2019-5829 | vulnerable | fixed | fixed | fixed | Integer overflow in download manager in Google Chrome prior to 75.0.37 ... |
| CVE-2019-5828 | vulnerable | fixed | fixed | fixed | Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0 ... |
| CVE-2019-5827 | vulnerable | fixed | fixed | fixed | Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3 ... |
| CVE-2019-5826 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5825 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5824 | vulnerable | fixed | fixed | fixed | Parameter passing error in media in Google Chrome prior to 74.0.3729.1 ... |
| CVE-2019-5823 | vulnerable | fixed | fixed | fixed | Insufficient policy enforcement in service workers in Google Chrome pr ... |
| CVE-2019-5822 | vulnerable | fixed | fixed | fixed | Inappropriate implementation in Blink in Google Chrome prior to 74.0.3 ... |
| CVE-2019-5821 | vulnerable | fixed | fixed | fixed | Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 all ... |
| CVE-2019-5820 | vulnerable | fixed | fixed | fixed | Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 all ... |
| CVE-2019-5819 | vulnerable | fixed | fixed | fixed | Insufficient data validation in developer tools in Google Chrome on OS ... |
| CVE-2019-5818 | vulnerable | fixed | fixed | fixed | Uninitialized data in media in Google Chrome prior to 74.0.3729.108 al ... |
| CVE-2019-5815 | vulnerable | fixed | fixed | fixed | |
| CVE-2019-5814 | vulnerable | fixed | fixed | fixed | Insufficient policy enforcement in Blink in Google Chrome prior to 74. ... |
| CVE-2019-5813 | vulnerable | fixed | fixed | fixed | Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a ... |
| CVE-2019-5811 | vulnerable | fixed | fixed | fixed | Incorrect handling of CORS in ServiceWorker in Google Chrome prior to ... |
| CVE-2019-5810 | vulnerable | fixed | fixed | fixed | Information leak in autofill in Google Chrome prior to 74.0.3729.108 a ... |
| CVE-2019-5809 | vulnerable | fixed | fixed | fixed | Use after free in file chooser in Google Chrome prior to 74.0.3729.108 ... |
| CVE-2019-5808 | vulnerable | fixed | fixed | fixed | Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowe ... |
| CVE-2019-5807 | vulnerable | fixed | fixed | fixed | Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 al ... |
| CVE-2019-5806 | vulnerable | fixed | fixed | fixed | Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.37 ... |
| CVE-2019-5805 | vulnerable | fixed | fixed | fixed | Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allow ... |
| CVE-2018-20073 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | Use of extended attributes in downloads in Google Chrome prior to 72.0 ... |
| Bug | Description |
|---|
| CVE-2019-5863 | |
| CVE-2019-5849 | RESERVED |
| CVE-2019-5834 | Insufficient data validation in Blink in Google Chrome prior to 75.0.3 ... |
| CVE-2019-5817 | Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74. ... |
| CVE-2019-5816 | Process lifetime issue in Chrome in Google Chrome on Android prior to ... |
| CVE-2019-5812 | Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.1 ... |
| CVE-2019-5804 | Incorrect command line processing in Chrome in Google Chrome prior to ... |
| CVE-2019-5803 | Insufficient policy enforcement in Content Security Policy in Google C ... |
| CVE-2019-5802 | Incorrect handling of download origins in Navigation in Google Chrome ... |
| CVE-2019-5801 | Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to ... |
| CVE-2019-5800 | Insufficient policy enforcement in Blink in Google Chrome prior to 73. ... |
| CVE-2019-5799 | Incorrect inheritance of a new document's policy in Content Security P ... |
| CVE-2019-5798 | Lack of correct bounds checking in Skia in Google Chrome prior to 73.0 ... |
| CVE-2019-5797 | |
| CVE-2019-5796 | Data race in extensions guest view in Google Chrome prior to 73.0.3683 ... |
| CVE-2019-5795 | Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allo ... |
| CVE-2019-5794 | Incorrect handling of cancelled requests in Navigation in Google Chrom ... |
| CVE-2019-5793 | Insufficient policy enforcement in extensions in Google Chrome prior t ... |
| CVE-2019-5792 | Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allo ... |
| CVE-2019-5791 | Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.7 ... |
| CVE-2019-5790 | An integer overflow leading to an incorrect capacity of a buffer in Ja ... |
| CVE-2019-5789 | An integer overflow that leads to a use-after-free in WebMIDI in Googl ... |
| CVE-2019-5788 | An integer overflow that leads to a use-after-free in Blink Storage in ... |
| CVE-2019-5787 | Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3 ... |
| CVE-2019-5786 | Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 ... |
| CVE-2019-5784 | Incorrect handling of deferred code in V8 in Google Chrome prior to 72 ... |
| CVE-2019-5783 | Missing URI encoding of untrusted input in DevTools in Google Chrome p ... |
| CVE-2019-5782 | Incorrect optimization assumptions in V8 in Google Chrome prior to 72. ... |
| CVE-2019-5781 | Incorrect handling of a confusable character in Omnibox in Google Chro ... |
| CVE-2019-5780 | Insufficient restrictions on what can be done with Apple Events in Goo ... |
| CVE-2019-5779 | Insufficient policy validation in ServiceWorker in Google Chrome prior ... |
| CVE-2019-5778 | A missing case for handling special schemes in permission request chec ... |
| CVE-2019-5777 | Incorrect handling of a confusable character in Omnibox in Google Chro ... |
| CVE-2019-5776 | Incorrect handling of a confusable character in Omnibox in Google Chro ... |
| CVE-2019-5775 | Incorrect handling of a confusable character in Omnibox in Google Chro ... |
| CVE-2019-5774 | Omission of the .desktop filetype from the Safe Browsing checklist in ... |
| CVE-2019-5773 | Insufficient origin validation in IndexedDB in Google Chrome prior to ... |
| CVE-2019-5772 | Sharing of objects over calls into JavaScript runtime in PDFium in Goo ... |
| CVE-2019-5771 | An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior ... |
| CVE-2019-5770 | Insufficient input validation in WebGL in Google Chrome prior to 72.0. ... |
| CVE-2019-5769 | Incorrect handling of invalid end character position when front render ... |
| CVE-2019-5768 | DevTools API not correctly gating on extension capability in DevTools ... |
| CVE-2019-5767 | Insufficient protection of permission UI in WebAPKs in Google Chrome o ... |
| CVE-2019-5766 | Incorrect handling of origin taint checking in Canvas in Google Chrome ... |
| CVE-2019-5765 | An exposed debugging endpoint in the browser in Google Chrome on Andro ... |
| CVE-2019-5764 | Incorrect pointer management in WebRTC in Google Chrome prior to 72.0. ... |
| CVE-2019-5763 | Failure to check error conditions in V8 in Google Chrome prior to 72.0 ... |
| CVE-2019-5762 | Inappropriate memory management when caching in PDFium in Google Chrom ... |
| CVE-2019-5761 | Incorrect object lifecycle management in SwiftShader in Google Chrome ... |
| CVE-2019-5760 | Insufficient checks of pointer validity in WebRTC in Google Chrome pri ... |
| CVE-2019-5759 | Incorrect lifetime handling in HTML select elements in Google Chrome o ... |
| CVE-2019-5758 | Incorrect object lifecycle management in Blink in Google Chrome prior ... |
| CVE-2019-5757 | An incorrect object type assumption in SVG in Google Chrome prior to 7 ... |
| CVE-2019-5756 | Inappropriate memory management when caching in PDFium in Google Chrom ... |
| CVE-2019-5755 | Incorrect handling of negative zero in V8 in Google Chrome prior to 72 ... |
| CVE-2019-5754 | Implementation error in QUIC Networking in Google Chrome prior to 72.0 ... |
| CVE-2018-20346 | SQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ... |
| CVE-2018-20070 | Incorrect handling of confusable characters in URL Formatter in Google ... |
| CVE-2018-20069 | Failure to prevent navigation to top frame to data URLs in Navigation ... |
| CVE-2018-20068 | Incorrect handling of 304 status codes in Navigation in Google Chrome ... |
| CVE-2018-20067 | A renderer initiated back navigation was incorrectly allowed to cancel ... |
| CVE-2018-20066 | Incorrect object lifecycle in Extensions in Google Chrome prior to 71. ... |
| CVE-2018-20065 | Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.8 ... |
| CVE-2018-18359 | Incorrect handling of Reflect.construct in V8 in Google Chrome prior t ... |
| CVE-2018-18358 | Lack of special casing of localhost in WPAD files in Google Chrome pri ... |
| CVE-2018-18357 | Incorrect handling of confusable characters in URL Formatter in Google ... |
| CVE-2018-18356 | An integer overflow in path handling lead to a use after free in Skia ... |
| CVE-2018-18355 | Incorrect handling of confusable characters in URL Formatter in Google ... |
| CVE-2018-18354 | Insufficient validate of external protocols in Shell Integration in Go ... |
| CVE-2018-18353 | Failure to dismiss http auth dialogs on navigation in Network Authenti ... |
| CVE-2018-18352 | Service works could inappropriately gain access to cross origin audio ... |
| CVE-2018-18351 | Lack of proper validation of ancestor frames site when sending lax coo ... |
| CVE-2018-18350 | Incorrect handling of CSP enforcement during navigations in Blink in G ... |
| CVE-2018-18349 | Remote frame navigations was incorrectly permitted to local resources ... |
| CVE-2018-18348 | Incorrect handling of bidirectional domain names with RTL characters i ... |
| CVE-2018-18347 | Incorrect handling of failed navigations with invalid URLs in Navigati ... |
| CVE-2018-18346 | Incorrect handling of alert box display in Blink in Google Chrome prio ... |
| CVE-2018-18345 | Incorrect handling of blob URLS in Site Isolation in Google Chrome pri ... |
| CVE-2018-18344 | Inappropriate allowance of the setDownloadBehavior devtools protocol f ... |
| CVE-2018-18343 | Incorrect handing of paths leading to a use after free in Skia in Goog ... |
| CVE-2018-18342 | Execution of user supplied Javascript during object deserialization ca ... |
| CVE-2018-18341 | An integer overflow leading to a heap buffer overflow in Blink in Goog ... |
| CVE-2018-18340 | Incorrect object lifecycle in MediaRecorder in Google Chrome prior to ... |
| CVE-2018-18339 | Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0. ... |
| CVE-2018-18338 | Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome pri ... |
| CVE-2018-18337 | Incorrect handling of stylesheets leading to a use after free in Blink ... |
| CVE-2018-18336 | Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.35 ... |
| CVE-2018-18335 | Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 al ... |
| CVE-2018-17481 | Incorrect object lifecycle handling in PDFium in Google Chrome prior t ... |
| CVE-2018-17480 | Execution of user supplied Javascript during array deserialization lea ... |