opensuse-su-2019:2425-1
Vulnerability from csaf_opensuse
Published
2019-11-03 08:56
Modified
2019-11-03 08:56
Summary
Security update for chromium, re2
Notes
Title of the patch
Security update for chromium, re2
Description of the patch
This update for chromium, re2 fixes the following issues:
Chromium was updated to 78.0.3904.70 boo#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
- Use internal resources for icon and appdata
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patchnames
openSUSE-2019-2425
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium, re2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium, re2 fixes the following issues:\n\nChromium was updated to 78.0.3904.70 boo#1154806:\n\n* CVE-2019-13699: Use-after-free in media\n* CVE-2019-13700: Buffer overrun in Blink\n* CVE-2019-13701: URL spoof in navigation\n* CVE-2019-13702: Privilege elevation in Installer\n* CVE-2019-13703: URL bar spoofing\n* CVE-2019-13704: CSP bypass\n* CVE-2019-13705: Extension permission bypass\n* CVE-2019-13706: Out-of-bounds read in PDFium\n* CVE-2019-13707: File storage disclosure\n* CVE-2019-13708: HTTP authentication spoof\n* CVE-2019-13709: File download protection bypass\n* CVE-2019-13710: File download protection bypass\n* CVE-2019-13711: Cross-context information leak\n* CVE-2019-15903: Buffer overflow in expat\n* CVE-2019-13713: Cross-origin data leak\n* CVE-2019-13714: CSS injection\n* CVE-2019-13715: Address bar spoofing\n* CVE-2019-13716: Service worker state error\n* CVE-2019-13717: Notification obscured\n* CVE-2019-13718: IDN spoof\n* CVE-2019-13719: Notification obscured\n* Various fixes from internal audits, fuzzing and other initiatives\n\n- Use internal resources for icon and appdata\n\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2425",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2425-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2425-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF/#PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2425-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF/#PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF"
},
{
"category": "self",
"summary": "SUSE Bug 1154806",
"url": "https://bugzilla.suse.com/1154806"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13699 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13700 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13701 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13702 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13703 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13704 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13705 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13706 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13707 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13708 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13709 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13710 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13711 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13713 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13714 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13715 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13716 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13717 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13718 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Security update for chromium, re2",
"tracking": {
"current_release_date": "2019-11-03T08:56:17Z",
"generator": {
"date": "2019-11-03T08:56:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2425-1",
"initial_release_date": "2019-11-03T08:56:17Z",
"revision_history": [
{
"date": "2019-11-03T08:56:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"product": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"product_id": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"product": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"product_id": "chromium-78.0.3904.70-bp151.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.aarch64",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.aarch64",
"product_id": "libre2-0-20190901-bp151.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.aarch64",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.aarch64",
"product_id": "re2-devel-20190901-bp151.6.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"product": {
"name": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"product_id": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.ppc64le",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.ppc64le",
"product_id": "libre2-0-20190901-bp151.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.ppc64le",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.ppc64le",
"product_id": "re2-devel-20190901-bp151.6.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.s390x",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.s390x",
"product_id": "libre2-0-20190901-bp151.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.s390x",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.s390x",
"product_id": "re2-devel-20190901-bp151.6.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"product": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"product_id": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"product": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"product_id": "chromium-78.0.3904.70-bp151.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.x86_64",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.x86_64",
"product_id": "libre2-0-20190901-bp151.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.x86_64",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.x86_64",
"product_id": "re2-devel-20190901-bp151.6.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP1",
"product": {
"name": "SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64"
},
"product_reference": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64"
},
"product_reference": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64"
},
"product_reference": "chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64"
},
"product_reference": "chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.ppc64le as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.s390x as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32"
},
"product_reference": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.ppc64le as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.s390x as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13699"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13699",
"url": "https://www.suse.com/security/cve/CVE-2019-13699"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13699",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13699"
},
{
"cve": "CVE-2019-13700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13700"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13700",
"url": "https://www.suse.com/security/cve/CVE-2019-13700"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13700",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13700"
},
{
"cve": "CVE-2019-13701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13701"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13701",
"url": "https://www.suse.com/security/cve/CVE-2019-13701"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13701",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13701"
},
{
"cve": "CVE-2019-13702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13702"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13702",
"url": "https://www.suse.com/security/cve/CVE-2019-13702"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13702",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13702"
},
{
"cve": "CVE-2019-13703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13703"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13703",
"url": "https://www.suse.com/security/cve/CVE-2019-13703"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13703",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13703"
},
{
"cve": "CVE-2019-13704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13704"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13704",
"url": "https://www.suse.com/security/cve/CVE-2019-13704"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13704",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13704"
},
{
"cve": "CVE-2019-13705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13705"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13705",
"url": "https://www.suse.com/security/cve/CVE-2019-13705"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13705",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13705"
},
{
"cve": "CVE-2019-13706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13706"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13706",
"url": "https://www.suse.com/security/cve/CVE-2019-13706"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13706",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13706"
},
{
"cve": "CVE-2019-13707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13707"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13707",
"url": "https://www.suse.com/security/cve/CVE-2019-13707"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13707",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13707"
},
{
"cve": "CVE-2019-13708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13708"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13708",
"url": "https://www.suse.com/security/cve/CVE-2019-13708"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13708",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13708"
},
{
"cve": "CVE-2019-13709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13709"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13709",
"url": "https://www.suse.com/security/cve/CVE-2019-13709"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13709",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13709"
},
{
"cve": "CVE-2019-13710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13710"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13710",
"url": "https://www.suse.com/security/cve/CVE-2019-13710"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13710",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13710"
},
{
"cve": "CVE-2019-13711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13711"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13711",
"url": "https://www.suse.com/security/cve/CVE-2019-13711"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13711",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13711"
},
{
"cve": "CVE-2019-13713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13713"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13713",
"url": "https://www.suse.com/security/cve/CVE-2019-13713"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13713",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13713"
},
{
"cve": "CVE-2019-13714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13714"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13714",
"url": "https://www.suse.com/security/cve/CVE-2019-13714"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13714",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13714"
},
{
"cve": "CVE-2019-13715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13715"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13715",
"url": "https://www.suse.com/security/cve/CVE-2019-13715"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13715",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13715"
},
{
"cve": "CVE-2019-13716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13716"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13716",
"url": "https://www.suse.com/security/cve/CVE-2019-13716"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13716",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13716"
},
{
"cve": "CVE-2019-13717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13717"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13717",
"url": "https://www.suse.com/security/cve/CVE-2019-13717"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13717",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13717"
},
{
"cve": "CVE-2019-13718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13718"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13718",
"url": "https://www.suse.com/security/cve/CVE-2019-13718"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13718",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13718"
},
{
"cve": "CVE-2019-13719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13719"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13719",
"url": "https://www.suse.com/security/cve/CVE-2019-13719"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13719",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13719"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…