What is the severity of CVE-2019-5756?

CVE-2019-5756 has been classified with a high severity level due to its potential to exploit use-after-free vulnerabilities in PDFium.

How do I fix CVE-2019-5756?

To fix CVE-2019-5756, update your Chromium browser to version 72.0.3626.81 or later.

What systems are affected by CVE-2019-5756?

CVE-2019-5756 affects Chromium on various platforms including Debian, Red Hat, and Google Chrome.

What type of vulnerability is CVE-2019-5756?

CVE-2019-5756 is categorized as a use-after-free vulnerability within the PDFium component of the Chromium browser.

Who discovered CVE-2019-5756?

CVE-2019-5756 was identified as part of ongoing security assessments and has been documented by various security researchers.

Vulnerability/
CVE-2019-5756

high

8.8

CWE

416

14/10/2018

19/2/2019

21/11/2024

CVE-2019-5756: Use after free in PDFium

First published: Sun Oct 14 2018(Updated: )

An use after free flaw was found in the PDFium component of the Chromium browser. Upstream bug(s): <a href="https://code.google.com/p/chromium/issues/detail?id=895152">https://code.google.com/p/chromium/issues/detail?id=895152</a> External References: <a href="https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html">https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html</a>

Credit: cve-coordination@google.com Anonymous chrome-cve-admin@google.com

Affected Software	Affected Version	How to fix
debian/chromium		90.0.4430.212-1~deb10u1 116.0.5845.180-1~deb11u1 118.0.5993.70-1~deb11u1 116.0.5845.180-1~deb12u1 118.0.5993.70-1~deb12u1 118.0.5993.70-1
redhat/chromium-browser	<72.0.3626.81	72.0.3626.81
Google Chrome (Trace Event)	<72.0.3626.81	72.0.3626.81
Google Chrome (Trace Event)	<72.0.3626.81
Debian	=9.0
Red Hat Enterprise Linux Desktop	=6.0
Red Hat Enterprise Linux Server	=6.0
Red Hat Enterprise Linux Workstation	=6.0
Fedora	=29
Fedora	=30

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

6268810185140219955

Frequently Asked Questions

What is the severity of CVE-2019-5756?
CVE-2019-5756 has been classified with a high severity level due to its potential to exploit use-after-free vulnerabilities in PDFium.
How do I fix CVE-2019-5756?
To fix CVE-2019-5756, update your Chromium browser to version 72.0.3626.81 or later.
What systems are affected by CVE-2019-5756?
CVE-2019-5756 affects Chromium on various platforms including Debian, Red Hat, and Google Chrome.
What type of vulnerability is CVE-2019-5756?
CVE-2019-5756 is categorized as a use-after-free vulnerability within the PDFium component of the Chromium browser.
Who discovered CVE-2019-5756?
CVE-2019-5756 was identified as part of ongoing security assessments and has been documented by various security researchers.

collector/security-tracker-debian
agent/type
agent/first-publish-date
agent/severity
agent/title
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2019-5756
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/references
agent/last-modified-date
agent/author
agent/event
agent/trending
agent/source
agent/weakness
agent/tags
agent/softwarecombine
collector/chrome-releases
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
collector/nvd-index
package-manager/debian
package-manager/redhat
vendor/google
canonical/google chrome (trace event)
vendor/debian
canonical/debian
version/debian/9.0
vendor/redhat
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/6.0
canonical/red hat enterprise linux server
version/red hat enterprise linux server/6.0
canonical/red hat enterprise linux workstation
version/red hat enterprise linux workstation/6.0
vendor/fedoraproject
canonical/fedora
version/fedora/29
version/fedora/30