re2 (SUSE:Package Hub 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 package re2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (21)
CVE-2019-13700 — CVSS 8.8 (high): Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the…
CVE-2019-13699 — CVSS 8.8 (high): Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to…
CVE-2019-13706 — CVSS 7.8 (high): Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap…
CVE-2019-13702 — CVSS 7.8 (high): Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege…
CVE-2019-15903 — CVSS 7.5 (high): In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a…
CVE-2019-13713 — CVSS 6.5 (medium): Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data…
CVE-2019-13709 — CVSS 6.5 (medium): Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download…
CVE-2019-13714 — CVSS 6.1 (medium): Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to…
CVE-2019-13707 — CVSS 5.5 (medium): Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak…
CVE-2019-13711 — CVSS 5.3 (medium): Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data…
CVE-2019-13715 — CVSS 4.3 (medium): Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain…
CVE-2019-13716 — CVSS 4.3 (medium): Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation…
CVE-2019-13717 — CVSS 4.3 (medium): Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a…
CVE-2019-13718 — CVSS 4.3 (medium): Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN…
CVE-2019-13719 — CVSS 4.3 (medium): Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a…
CVE-2019-13704 — CVSS 4.3 (medium): Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security…
CVE-2019-13701 — CVSS 4.3 (medium): Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the…
CVE-2019-13705 — CVSS 4.3 (medium): Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a…
CVE-2019-13703 — CVSS 4.3 (medium): Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the…
CVE-2019-13708 — CVSS 4.3 (medium): Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of…
CVE-2019-13710 — CVSS 4.3 (medium): Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download…