CVE-2019-13665

Upstream information

CVE-2019-13665 at MITRE

Description

Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.

---

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1150425 [RESOLVED / FIXED]

SUSE Security Advisories:

• openSUSE-SU-2019:2152-1, published Thu, 19 Sep 2019 12:12:57 +0200 (CEST)
• openSUSE-SU-2019:2153-1, published Thu, 19 Sep 2019 12:12:24 +0200 (CEST)
• openSUSE-SU-2019:2155-1, published Fri, 20 Sep 2019 16:37:56 +0200 (CEST)
• openSUSE-SU-2019:2156-1, published Fri, 20 Sep 2019 16:39:20 +0200 (CEST)
• openSUSE-SU-2019:2447-1, published Thu, 7 Nov 2019 00:11:42 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Package Hub for SUSE Linux Enterprise 12 SP3	chromedriver >= 78.0.3904.87-10.1 chromium >= 78.0.3904.87-10.1	Patchnames: openSUSE-2019-2447
openSUSE Leap 15.0	chromedriver >= 77.0.3865.75-lp150.239.1 chromedriver-debuginfo >= 77.0.3865.75-lp150.239.1 chromium >= 77.0.3865.75-lp150.239.1 chromium-debuginfo >= 77.0.3865.75-lp150.239.1 chromium-debugsource >= 77.0.3865.75-lp150.239.1	Patchnames: openSUSE-2019-2153
openSUSE Leap 15.1	chromedriver >= 77.0.3865.75-lp151.2.30.1 chromedriver-debuginfo >= 77.0.3865.75-lp151.2.30.1 chromium >= 77.0.3865.75-lp151.2.30.1 chromium-debuginfo >= 77.0.3865.75-lp151.2.30.1 chromium-debugsource >= 77.0.3865.75-lp151.2.30.1	Patchnames: openSUSE-2019-2152