Government of the Republic of Trinidad and Tobago                                                                                                                                        


TTCSIRT-213.061419: TT-CSIRT Advisory – Chrome Security Updates

13th June 2019

Google has released a security update stating that it has found the following vulnerabilities in Google Chrome:

a) Cross-origin resources size disclosure in Appcache – (CVE-2019-5837)
b) Heap buffer overflow in Angle – (CVE-2019-5836)
c) Inconsistent security UI placement – (CVE-2019-5833)
d) Incorrect CORS handling in XHR – (CVE-2019-5832)
e) Incorrect handling of certain code points in Blink – (CVE-2019-5839)
f) Incorrectly credentialed requests in CORS – (CVE-2019-5830)
g) Incorrect map processing in V8 – (CVE-2019-5831)
h) Out of bounds read in Swiftshader – (CVE-2019-5835)
i) Overly permissive tab access in Extensions – (CVE-2019-5838)
j) Popup blocker bypass – (CVE-2019-5840)
k) URL spoof in Omnibox on iOS – (CVE-2019-5834)
l) Use after free in Download Manager – (CVE-2019-5829)
m) Use after free in ServiceWorker – (CVE-2019-5828)

Further information on these vulnerabilities and how they can be mitigated can be found on the Google Website at