CVE-2019-5839: Input Validation
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is CVE-2019-5839?
CVE-2019-5839 is a vulnerability in the URL parser in Google Chrome that allows a remote attacker to bypass URL validation via a crafted URL.
How does CVE-2019-5839 affect Google Chrome?
CVE-2019-5839 affects Google Chrome versions prior to 75.0.3770.80.
Which software versions are affected by CVE-2019-5839?
CVE-2019-5839 affects Google Chrome versions prior to 75.0.3770.80, OpenSUSE Backports sle-15, openSUSE Leap 15.0, openSUSE Leap 15.1, openSUSE Leap 42.3, Debian Debian Linux 10.0, Fedoraproject Fedora 29, Fedoraproject Fedora 30, and Chromium.
How severe is CVE-2019-5839?
CVE-2019-5839 has a severity rating of 4.3 (medium).
How can CVE-2019-5839 be remediated?
To remediate CVE-2019-5839, update Google Chrome to version 75.0.3770.80, OpenSUSE Backports sle-15, openSUSE Leap to the latest version, Debian Debian Linux 10.0 to the latest version, Fedoraproject Fedora 29 to the latest version, and Chromium to the latest version.