Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
07 Nov 2023, 03:11
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | () https://access.redhat.com/errata/RHSA-2019:0309 - | |
References | () https://crbug.com/914497 - | |
References | () http://www.securityfocus.com/bid/106767 - | |
References | () https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html - | |
References | () https://www.debian.org/security/2019/dsa-4395 - | |
CWE | CWE-327 |
Information
Published : 2019-02-19 17:29
Updated : 2023-12-10 12:44
NVD link : CVE-2019-5754
Mitre link : CVE-2019-5754
CVE.ORG link : CVE-2019-5754
JSON object : View
Products Affected
debian
- debian_linux
fedoraproject
- fedora
- chrome
redhat
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_desktop
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm