{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for chromium","title":"Title of the patch"},{"category":"description","text":"This update for chromium fixes the following issues:\n\nChromium was updated to 79.0.3945.79 (boo#1158982)\t  \n\n-  CVE-2019-13725: Fixed a use after free in Bluetooth\n-  CVE-2019-13726: Fixed a heap buffer overflow in password manager\n-  CVE-2019-13727: Fixed an insufficient policy enforcement in WebSockets\n-  CVE-2019-13728: Fixed an out of bounds write in V8\n-  CVE-2019-13729: Fixed a use after free in WebSockets\n-  CVE-2019-13730: Fixed a type Confusion in V8\n-  CVE-2019-13732: Fixed a use after free in WebAudio\n-  CVE-2019-13734: Fixed an out of bounds write in SQLite\n-  CVE-2019-13735: Fixed an out of bounds write in V8\n-  CVE-2019-13764: Fixed a type Confusion in V8\n-  CVE-2019-13736: Fixed an integer overflow in PDFium\n-  CVE-2019-13737: Fixed an insufficient policy enforcement in autocomplete\n-  CVE-2019-13738: Fixed an insufficient policy enforcement in navigation\n-  CVE-2019-13739: Fixed an incorrect security UI in Omnibox\n-  CVE-2019-13740: Fixed an incorrect security UI in sharing\n-  CVE-2019-13741: Fixed an insufficient validation of untrusted input in Blink\n-  CVE-2019-13742: Fixed an incorrect security UI in Omnibox\n-  CVE-2019-13743: Fixed an incorrect security UI in external protocol handling\n-  CVE-2019-13744: Fixed an insufficient policy enforcement in cookies\n-  CVE-2019-13745: Fixed an insufficient policy enforcement in audio\n-  CVE-2019-13746: Fixed an insufficient policy enforcement in Omnibox\n-  CVE-2019-13747: Fixed an uninitialized Use in rendering\n-  CVE-2019-13748: Fixed an insufficient policy enforcement in developer tools\n-  CVE-2019-13749: Fixed an incorrect security UI in Omnibox\n-  CVE-2019-13750: Fixed an insufficient data validation in SQLite\n-  CVE-2019-13751: Fixed an uninitialized Use in SQLite\n-  CVE-2019-13752: Fixed an out of bounds read in SQLite\n-  CVE-2019-13753: Fixed an out of bounds read in SQLite\n-  CVE-2019-13754: Fixed an insufficient policy enforcement in extensions\n-  CVE-2019-13755: Fixed an insufficient policy enforcement in extensions\n-  CVE-2019-13756: Fixed an incorrect security UI in printing\n-  CVE-2019-13757: Fixed an incorrect security UI in Omnibox\n-  CVE-2019-13758: Fixed an insufficient policy enforcement in navigation\n-  CVE-2019-13759: Fixed an incorrect security UI in interstitials\n-  CVE-2019-13761: Fixed an incorrect security UI in Omnibox\n-  CVE-2019-13762: Fixed an insufficient policy enforcement in downloads\n-  CVE-2019-13763: Fixed an insufficient policy enforcement in payments\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.","title":"Description of the patch"},{"category":"details","text":"openSUSE-2019-2694","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2694-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2019:2694-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M7S2JFSREIHYGCP4KXIISPEHVMV7FBWS/#M7S2JFSREIHYGCP4KXIISPEHVMV7FBWS"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2019:2694-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M7S2JFSREIHYGCP4KXIISPEHVMV7FBWS/#M7S2JFSREIHYGCP4KXIISPEHVMV7FBWS"},{"category":"self","summary":"SUSE Bug 1158982","url":"https://bugzilla.suse.com/1158982"},{"category":"self","summary":"SUSE CVE CVE-2019-13725 page","url":"https://www.suse.com/security/cve/CVE-2019-13725/"},{"category":"self","summary":"SUSE CVE CVE-2019-13726 page","url":"https://www.suse.com/security/cve/CVE-2019-13726/"},{"category":"self","summary":"SUSE CVE CVE-2019-13727 page","url":"https://www.suse.com/security/cve/CVE-2019-13727/"},{"category":"self","summary":"SUSE CVE CVE-2019-13728 page","url":"https://www.suse.com/security/cve/CVE-2019-13728/"},{"category":"self","summary":"SUSE CVE CVE-2019-13729 page","url":"https://www.suse.com/security/cve/CVE-2019-13729/"},{"category":"self","summary":"SUSE CVE CVE-2019-13730 page","url":"https://www.suse.com/security/cve/CVE-2019-13730/"},{"category":"self","summary":"SUSE CVE CVE-2019-13732 page","url":"https://www.suse.com/security/cve/CVE-2019-13732/"},{"category":"self","summary":"SUSE CVE CVE-2019-13734 page","url":"https://www.suse.com/security/cve/CVE-2019-13734/"},{"category":"self","summary":"SUSE CVE CVE-2019-13735 page","url":"https://www.suse.com/security/cve/CVE-2019-13735/"},{"category":"self","summary":"SUSE CVE CVE-2019-13736 page","url":"https://www.suse.com/security/cve/CVE-2019-13736/"},{"category":"self","summary":"SUSE CVE CVE-2019-13737 page","url":"https://www.suse.com/security/cve/CVE-2019-13737/"},{"category":"self","summary":"SUSE CVE CVE-2019-13738 page","url":"https://www.suse.com/security/cve/CVE-2019-13738/"},{"category":"self","summary":"SUSE CVE CVE-2019-13739 page","url":"https://www.suse.com/security/cve/CVE-2019-13739/"},{"category":"self","summary":"SUSE CVE CVE-2019-13740 page","url":"https://www.suse.com/security/cve/CVE-2019-13740/"},{"category":"self","summary":"SUSE CVE CVE-2019-13741 page","url":"https://www.suse.com/security/cve/CVE-2019-13741/"},{"category":"self","summary":"SUSE CVE CVE-2019-13742 page","url":"https://www.suse.com/security/cve/CVE-2019-13742/"},{"category":"self","summary":"SUSE CVE CVE-2019-13743 page","url":"https://www.suse.com/security/cve/CVE-2019-13743/"},{"category":"self","summary":"SUSE CVE CVE-2019-13744 page","url":"https://www.suse.com/security/cve/CVE-2019-13744/"},{"category":"self","summary":"SUSE CVE CVE-2019-13745 page","url":"https://www.suse.com/security/cve/CVE-2019-13745/"},{"category":"self","summary":"SUSE CVE CVE-2019-13746 page","url":"https://www.suse.com/security/cve/CVE-2019-13746/"},{"category":"self","summary":"SUSE CVE CVE-2019-13747 page","url":"https://www.suse.com/security/cve/CVE-2019-13747/"},{"category":"self","summary":"SUSE CVE CVE-2019-13748 page","url":"https://www.suse.com/security/cve/CVE-2019-13748/"},{"category":"self","summary":"SUSE CVE CVE-2019-13749 page","url":"https://www.suse.com/security/cve/CVE-2019-13749/"},{"category":"self","summary":"SUSE CVE CVE-2019-13750 page","url":"https://www.suse.com/security/cve/CVE-2019-13750/"},{"category":"self","summary":"SUSE CVE CVE-2019-13751 page","url":"https://www.suse.com/security/cve/CVE-2019-13751/"},{"category":"self","summary":"SUSE CVE CVE-2019-13752 page","url":"https://www.suse.com/security/cve/CVE-2019-13752/"},{"category":"self","summary":"SUSE CVE CVE-2019-13753 page","url":"https://www.suse.com/security/cve/CVE-2019-13753/"},{"category":"self","summary":"SUSE CVE CVE-2019-13754 page","url":"https://www.suse.com/security/cve/CVE-2019-13754/"},{"category":"self","summary":"SUSE CVE CVE-2019-13755 page","url":"https://www.suse.com/security/cve/CVE-2019-13755/"},{"category":"self","summary":"SUSE CVE CVE-2019-13756 page","url":"https://www.suse.com/security/cve/CVE-2019-13756/"},{"category":"self","summary":"SUSE CVE CVE-2019-13757 page","url":"https://www.suse.com/security/cve/CVE-2019-13757/"},{"category":"self","summary":"SUSE CVE CVE-2019-13758 page","url":"https://www.suse.com/security/cve/CVE-2019-13758/"},{"category":"self","summary":"SUSE CVE CVE-2019-13759 page","url":"https://www.suse.com/security/cve/CVE-2019-13759/"},{"category":"self","summary":"SUSE CVE CVE-2019-13761 page","url":"https://www.suse.com/security/cve/CVE-2019-13761/"},{"category":"self","summary":"SUSE CVE CVE-2019-13762 page","url":"https://www.suse.com/security/cve/CVE-2019-13762/"},{"category":"self","summary":"SUSE CVE CVE-2019-13763 page","url":"https://www.suse.com/security/cve/CVE-2019-13763/"},{"category":"self","summary":"SUSE CVE CVE-2019-13764 page","url":"https://www.suse.com/security/cve/CVE-2019-13764/"}],"title":"Security update for chromium","tracking":{"current_release_date":"2019-12-18T09:15:54Z","generator":{"date":"2019-12-18T09:15:54Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2019:2694-1","initial_release_date":"2019-12-18T09:15:54Z","revision_history":[{"date":"2019-12-18T09:15:54Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","product":{"name":"chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","product_id":"chromedriver-79.0.3945.79-bp151.3.35.1.aarch64"}},{"category":"product_version","name":"chromium-79.0.3945.79-bp151.3.35.1.aarch64","product":{"name":"chromium-79.0.3945.79-bp151.3.35.1.aarch64","product_id":"chromium-79.0.3945.79-bp151.3.35.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","product":{"name":"chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","product_id":"chromedriver-79.0.3945.79-bp151.3.35.1.x86_64"}},{"category":"product_version","name":"chromium-79.0.3945.79-bp151.3.35.1.x86_64","product":{"name":"chromium-79.0.3945.79-bp151.3.35.1.x86_64","product_id":"chromium-79.0.3945.79-bp151.3.35.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Package Hub 15 SP1","product":{"name":"SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"chromedriver-79.0.3945.79-bp151.3.35.1.aarch64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64"},"product_reference":"chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"chromedriver-79.0.3945.79-bp151.3.35.1.x86_64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64"},"product_reference":"chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"chromium-79.0.3945.79-bp151.3.35.1.aarch64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64"},"product_reference":"chromium-79.0.3945.79-bp151.3.35.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"chromium-79.0.3945.79-bp151.3.35.1.x86_64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"},"product_reference":"chromium-79.0.3945.79-bp151.3.35.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15 SP1"}]},"vulnerabilities":[{"cve":"CVE-2019-13725","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13725"}],"notes":[{"category":"general","text":"Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13725","url":"https://www.suse.com/security/cve/CVE-2019-13725"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13725","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13725"},{"cve":"CVE-2019-13726","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13726"}],"notes":[{"category":"general","text":"Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13726","url":"https://www.suse.com/security/cve/CVE-2019-13726"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13726","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13726"},{"cve":"CVE-2019-13727","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13727"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13727","url":"https://www.suse.com/security/cve/CVE-2019-13727"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13727","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13727"},{"cve":"CVE-2019-13728","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13728"}],"notes":[{"category":"general","text":"Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13728","url":"https://www.suse.com/security/cve/CVE-2019-13728"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13728","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13728"},{"cve":"CVE-2019-13729","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13729"}],"notes":[{"category":"general","text":"Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13729","url":"https://www.suse.com/security/cve/CVE-2019-13729"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13729","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13729"},{"cve":"CVE-2019-13730","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13730"}],"notes":[{"category":"general","text":"Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13730","url":"https://www.suse.com/security/cve/CVE-2019-13730"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13730","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13730"},{"cve":"CVE-2019-13732","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13732"}],"notes":[{"category":"general","text":"Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13732","url":"https://www.suse.com/security/cve/CVE-2019-13732"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13732","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13732"},{"cve":"CVE-2019-13734","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13734"}],"notes":[{"category":"general","text":"Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13734","url":"https://www.suse.com/security/cve/CVE-2019-13734"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13734","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13734"},{"cve":"CVE-2019-13735","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13735"}],"notes":[{"category":"general","text":"Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13735","url":"https://www.suse.com/security/cve/CVE-2019-13735"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13735","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13735"},{"cve":"CVE-2019-13736","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13736"}],"notes":[{"category":"general","text":"Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13736","url":"https://www.suse.com/security/cve/CVE-2019-13736"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13736","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13736"},{"cve":"CVE-2019-13737","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13737"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13737","url":"https://www.suse.com/security/cve/CVE-2019-13737"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13737","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13737"},{"cve":"CVE-2019-13738","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13738"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13738","url":"https://www.suse.com/security/cve/CVE-2019-13738"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13738","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13738"},{"cve":"CVE-2019-13739","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13739"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13739","url":"https://www.suse.com/security/cve/CVE-2019-13739"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13739","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13739"},{"cve":"CVE-2019-13740","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13740"}],"notes":[{"category":"general","text":"Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13740","url":"https://www.suse.com/security/cve/CVE-2019-13740"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13740","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13740"},{"cve":"CVE-2019-13741","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13741"}],"notes":[{"category":"general","text":"Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13741","url":"https://www.suse.com/security/cve/CVE-2019-13741"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13741","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13741"},{"cve":"CVE-2019-13742","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13742"}],"notes":[{"category":"general","text":"Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13742","url":"https://www.suse.com/security/cve/CVE-2019-13742"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13742","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13742"},{"cve":"CVE-2019-13743","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13743"}],"notes":[{"category":"general","text":"Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13743","url":"https://www.suse.com/security/cve/CVE-2019-13743"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13743","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13743"},{"cve":"CVE-2019-13744","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13744"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13744","url":"https://www.suse.com/security/cve/CVE-2019-13744"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13744","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13744"},{"cve":"CVE-2019-13745","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13745"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13745","url":"https://www.suse.com/security/cve/CVE-2019-13745"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13745","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13745"},{"cve":"CVE-2019-13746","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13746"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13746","url":"https://www.suse.com/security/cve/CVE-2019-13746"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13746","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13746"},{"cve":"CVE-2019-13747","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13747"}],"notes":[{"category":"general","text":"Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13747","url":"https://www.suse.com/security/cve/CVE-2019-13747"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13747","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13747"},{"cve":"CVE-2019-13748","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13748"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13748","url":"https://www.suse.com/security/cve/CVE-2019-13748"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13748","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13748"},{"cve":"CVE-2019-13749","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13749"}],"notes":[{"category":"general","text":"Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13749","url":"https://www.suse.com/security/cve/CVE-2019-13749"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13749","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13749"},{"cve":"CVE-2019-13750","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13750"}],"notes":[{"category":"general","text":"Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13750","url":"https://www.suse.com/security/cve/CVE-2019-13750"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13750","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13750"},{"cve":"CVE-2019-13751","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13751"}],"notes":[{"category":"general","text":"Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13751","url":"https://www.suse.com/security/cve/CVE-2019-13751"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13751","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13751"},{"cve":"CVE-2019-13752","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13752"}],"notes":[{"category":"general","text":"Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13752","url":"https://www.suse.com/security/cve/CVE-2019-13752"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13752","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13752"},{"cve":"CVE-2019-13753","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13753"}],"notes":[{"category":"general","text":"Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13753","url":"https://www.suse.com/security/cve/CVE-2019-13753"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13753","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13753"},{"cve":"CVE-2019-13754","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13754"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13754","url":"https://www.suse.com/security/cve/CVE-2019-13754"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13754","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13754"},{"cve":"CVE-2019-13755","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13755"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13755","url":"https://www.suse.com/security/cve/CVE-2019-13755"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13755","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13755"},{"cve":"CVE-2019-13756","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13756"}],"notes":[{"category":"general","text":"Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13756","url":"https://www.suse.com/security/cve/CVE-2019-13756"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13756","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13756"},{"cve":"CVE-2019-13757","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13757"}],"notes":[{"category":"general","text":"Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13757","url":"https://www.suse.com/security/cve/CVE-2019-13757"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13757","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13757"},{"cve":"CVE-2019-13758","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13758"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13758","url":"https://www.suse.com/security/cve/CVE-2019-13758"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13758","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13758"},{"cve":"CVE-2019-13759","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13759"}],"notes":[{"category":"general","text":"Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13759","url":"https://www.suse.com/security/cve/CVE-2019-13759"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13759","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13759"},{"cve":"CVE-2019-13761","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13761"}],"notes":[{"category":"general","text":"Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13761","url":"https://www.suse.com/security/cve/CVE-2019-13761"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13761","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13761"},{"cve":"CVE-2019-13762","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13762"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13762","url":"https://www.suse.com/security/cve/CVE-2019-13762"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13762","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13762"},{"cve":"CVE-2019-13763","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13763"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13763","url":"https://www.suse.com/security/cve/CVE-2019-13763"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13763","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13763"},{"cve":"CVE-2019-13764","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-13764"}],"notes":[{"category":"general","text":"Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-13764","url":"https://www.suse.com/security/cve/CVE-2019-13764"},{"category":"external","summary":"SUSE Bug 1158982 for CVE-2019-13764","url":"https://bugzilla.suse.com/1158982"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-79.0.3945.79-bp151.3.35.1.x86_64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.aarch64","SUSE Package Hub 15 SP1:chromium-79.0.3945.79-bp151.3.35.1.x86_64"]}],"threats":[{"category":"impact","date":"2019-12-18T09:15:54Z","details":"important"}],"title":"CVE-2019-13764"}]}