CVE-2019-5825 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-5825 PUBLISHED KEV

Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

EPSS 73.66% · 98.8th percentile

Risk Scores

EPSS Score

73.66%

98.8th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	chromium-browser	0, 45.0.2454.101-0ubuntu1.1201, 47.0.2526.73-0ubuntu1.1218
Ubuntu:18.04:LTS	chromium-browser	0, 61.0.3163.100-0ubuntu1.1378, 62.0.3202.62-0ubuntu0.17.10.1380

Timeline

Sep 24, 2019 VulnCheck KEV Exploitation
Sep 25, 2019 PoC Published
Nov 25, 2019 CVE Published
Mar 5, 2020 PoC Published
Mar 6, 2020 PoC Published
Mar 9, 2020 PoC Published
Oct 9, 2020 PoC Published
Apr 14, 2021 EPSS Score
Jun 8, 2022 CISA KEV Added
Mar 13, 2023 EPSS Score
May 8, 2023 EPSS Score
Jun 14, 2023 PoC Published

References

https://ubuntu.com/security/CVE-2019-5825 third-party-advisory
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2019-5825 third-party-advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog third-party-advisory

Open in Interactive Console →