CVE-2019-25154

Inappropriate implementation in iframe in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

History

21 Nov 2024, 16:15

Type Values Removed Values Added
References () https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html - Vendor Advisory () https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html - Vendor Advisory
References () https://issues.chromium.org/issues/40094752 - Issue Tracking () https://issues.chromium.org/issues/40094752 - Issue Tracking

21 Oct 2024, 21:16

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.6
Summary
  • (es) La implementación inadecuada en iframe en Google Chrome anterior a 77.0.3865.75 permitía a un atacante remoto realizar potencialmente un escape de la sandbox a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media)
First Time Google
Google chrome
References () https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html - () https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html - Vendor Advisory
References () https://issues.chromium.org/issues/40094752 - () https://issues.chromium.org/issues/40094752 - Issue Tracking

16 Jul 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-16 23:15

Updated : 2024-11-21 16:15


NVD link : CVE-2019-25154

Mitre link : CVE-2019-25154

CVE.ORG link : CVE-2019-25154


JSON object : View

Products Affected

google

  • chrome