https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html
[$5000][956597] High CVE-2019-5828: Use after free in ServiceWorker. Reported by leecraso of Beihang University and Guang Gong of Alpha Team, Qihoo 360 on 2019-04-25
[$500][958533] High CVE-2019-5829: Use after free in Download Manager. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2019-05-01
[$TBD][665766] Medium CVE-2019-5830: Incorrectly credentialed requests in CORS. Reported by Andrew Krasichkov, Yandex Security Team on 2016-11-16
[$TBD][950328] Medium CVE-2019-5831: Incorrect map processing in V8. Reported by yngwei(JiaWei, Yin) of IIE Varas and sakura of Tecent Xuanwu Lab on 2019-04-07
[$TBD][959390] Medium CVE-2019-5832: Incorrect CORS handling in XHR. Reported by Sergey Shekyan (Shape Security) on 2019-05-03
[$N/A][945067] Medium CVE-2019-5833: Inconsistent security UI placement. Reported by Khalil Zhani on 2019-03-23
[$N/A][962368] Medium CVE-2019-5834: URL spoof in Omnibox on iOS. Reported by Khalil Zhani on 2019-05-13 (not applicable to AOSC OS)
[$1000][939239] Medium CVE-2019-5835: Out of bounds read in Swiftshader. Reported by Wenxiang Qian of Tencent Blade Team on 2019-03-07
[$1000][947342] Medium CVE-2019-5836: Heap buffer overflow in Angle. Reported by Omair on 2019-03-29
[$500][918293] Medium CVE-2019-5837: Cross-origin resources size disclosure in Appcache . Reported by Adam Iwaniuk on 2018-12-30
[$500][893087] Low CVE-2019-5838: Overly permissive tab access in Extensions. Reported by David Erceg on 2018-10-08
[$500][925614] Low CVE-2019-5839: Incorrect handling of certain code points in Blink. Reported by Masato Kinugawa on 2019-01-26
[$N/A][951782] Low CVE-2019-5840: Popup blocker bypass. Reported by Eliya Stein, Jerome Dangu on 2019-04-11
CVE IDs: CVE-2019-5828, CVE-2019-5829, CVE-2019-5830, CVE-2019-5831, CVE-2019-5832, CVE-2019-5833, CVE-2019-5835, CVE-2019-5836, CVE-2019-5837, CVE-2019-5838, CVE-2019-5839, CVE-2019-5840, CVE-2019-5842
Other security advisory IDs: ASA-201906-4, ASA-201906-11
Descriptions: https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop_13.html [$N/A][961413] High CVE-2019-5842: Use-after-free in Blink. Reported by BUGFENSE Anonymous Bug Bounties https://bugfense.io on 2019-05-09
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html [$5000][956597] High CVE-2019-5828: Use after free in ServiceWorker. Reported by leecraso of Beihang University and Guang Gong of Alpha Team, Qihoo 360 on 2019-04-25 [$500][958533] High CVE-2019-5829: Use after free in Download Manager. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2019-05-01 [$TBD][665766] Medium CVE-2019-5830: Incorrectly credentialed requests in CORS. Reported by Andrew Krasichkov, Yandex Security Team on 2016-11-16 [$TBD][950328] Medium CVE-2019-5831: Incorrect map processing in V8. Reported by yngwei(JiaWei, Yin) of IIE Varas and sakura of Tecent Xuanwu Lab on 2019-04-07 [$TBD][959390] Medium CVE-2019-5832: Incorrect CORS handling in XHR. Reported by Sergey Shekyan (Shape Security) on 2019-05-03 [$N/A][945067] Medium CVE-2019-5833: Inconsistent security UI placement. Reported by Khalil Zhani on 2019-03-23
[$N/A][962368] Medium CVE-2019-5834: URL spoof in Omnibox on iOS. Reported by Khalil Zhani on 2019-05-13(not applicable to AOSC OS) [$1000][939239] Medium CVE-2019-5835: Out of bounds read in Swiftshader. Reported by Wenxiang Qian of Tencent Blade Team on 2019-03-07 [$1000][947342] Medium CVE-2019-5836: Heap buffer overflow in Angle. Reported by Omair on 2019-03-29 [$500][918293] Medium CVE-2019-5837: Cross-origin resources size disclosure in Appcache . Reported by Adam Iwaniuk on 2018-12-30 [$500][893087] Low CVE-2019-5838: Overly permissive tab access in Extensions. Reported by David Erceg on 2018-10-08 [$500][925614] Low CVE-2019-5839: Incorrect handling of certain code points in Blink. Reported by Masato Kinugawa on 2019-01-26 [$N/A][951782] Low CVE-2019-5840: Popup blocker bypass. Reported by Eliya Stein, Jerome Dangu on 2019-04-11Architectural progress:
amd64
arm64