QwikSec

Security Database

CVE

CWE

Training

CVE-2019-5778

Published: Feb 19, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.

Vendor	Product	Versions
Google	Chrome	affected `unspecified - < 72.0.3626.81`

References

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_DEBIAN

https://crbug.com/918470

x_refsource_MISC

https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html

x_refsource_CONFIRM

FEDORA-2019-561eae4626

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-05a780936d

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.