Search for vulnerabilities
Vulnerability details: VCID-q1da-31dw-aaas
Vulnerability ID VCID-q1da-31dw-aaas
Aliases CVE-2019-5786
GHSA-c2gp-86p4-5935
Summary Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-416 Use After Free
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-5786.html
rhas Important https://access.redhat.com/errata/RHSA-2019:0481
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5786.json
epss 0.8905 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.8905 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.89446 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.89446 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90281 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90281 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90281 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90281 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90281 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.90781 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.91215 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.96943 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.96943 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.97233 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.97233 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.97233 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.97233 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
epss 0.97233 https://api.first.org/data/v1/epss?cve=CVE-2019-5786
cvssv3.1 6.5 https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation
generic_textual MODERATE https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1685162
cvssv3.1 6.5 https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
cvssv3.1 6.5 https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
generic_textual MODERATE https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
ssvc Track https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
cvssv3.1 6.5 https://crbug.com/936448
cvssv3.1 6.5 https://crbug.com/936448
generic_textual MODERATE https://crbug.com/936448
ssvc Track https://crbug.com/936448
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786
cvssv3 10.0 https://electronjs.org/blog/filereader-fix
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-c2gp-86p4-5935
cvssv3.1 6.5 https://github.com/GoogleChrome/puppeteer
generic_textual MODERATE https://github.com/GoogleChrome/puppeteer
cvssv3.1 6.5 https://github.com/GoogleChrome/puppeteer/issues/4141
generic_textual MODERATE https://github.com/GoogleChrome/puppeteer/issues/4141
cvssv3 10.0 https://github.com/nodejs/security-wg/blob/main/vuln/npm/495.json
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2019-5786
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2019-5786
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2019-5786
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2019-5786
archlinux High https://security.archlinux.org/AVG-916
cvssv3 10.0 https://security.googleblog.com/2019/03/disclosing-vulnerabilities-to-protect.html
cvssv3.1 6.5 https://snyk.io/vuln/SNYK-JS-PUPPETEER-174321
generic_textual MODERATE https://snyk.io/vuln/SNYK-JS-PUPPETEER-174321
cvssv3 10.0 https://www.cisecurity.org/advisory/a-vulnerability-in-google-chrome-could-allow-for-arbitrary-code-execution_2019-026/
cvssv3.1 6.5 https://www.npmjs.com/advisories/824
generic_textual MODERATE https://www.npmjs.com/advisories/824
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-5786.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5786.json
https://api.first.org/data/v1/epss?cve=CVE-2019-5786
https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
https://crbug.com/936448
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786
https://electronjs.org/blog/filereader-fix
https://github.com/GoogleChrome/puppeteer
https://github.com/GoogleChrome/puppeteer/issues/4141
https://security.googleblog.com/2019/03/disclosing-vulnerabilities-to-protect.html
https://snyk.io/vuln/SNYK-JS-PUPPETEER-174321
https://www.cisecurity.org/advisory/a-vulnerability-in-google-chrome-could-allow-for-arbitrary-code-execution_2019-026/
https://www.npmjs.com/advisories/824
1685162 https://bugzilla.redhat.com/show_bug.cgi?id=1685162
495 https://github.com/nodejs/security-wg/blob/main/vuln/npm/495.json
ASA-201903-1 https://security.archlinux.org/ASA-201903-1
AVG-916 https://security.archlinux.org/AVG-916
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:puppeteer:*:*:*:*:*:node.js:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:puppeteer:*:*:*:*:*:node.js:*:*
CVE-2019-5786 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/46812.rb
CVE-2019-5786 https://nvd.nist.gov/vuln/detail/CVE-2019-5786
CVE-2019-5786 Exploit https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/chrome_filereader_uaf.rb
CVE-2019-5786-ANALYSIS-AND-EXPLOITATION https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation/
GHSA-c2gp-86p4-5935 https://github.com/advisories/GHSA-c2gp-86p4-5935
GLSA-201903-23 https://security.gentoo.org/glsa/201903-23
RHSA-2019:0481 https://access.redhat.com/errata/RHSA-2019:0481
Data source Exploit-DB
Date added May 8, 2019
Description Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)
Ransomware campaign use Known
Source publication date May 8, 2019
Exploit type remote
Platform windows_x86
Source update date May 8, 2019
Source URL https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/chrome_filereader_uaf.rb
Data source Metasploit
Description This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling ArrayBuffer reference can be used to access the sprayed objects, allowing arbitrary memory access from Javascript. This is used to write and execute shellcode in a WebAssembly object. The shellcode is executed within the Chrome sandbox, so you must explicitly disable the sandbox for the payload to be successful.
Note 
{}
Ransomware campaign use Unknown
Source publication date March 21, 2019
Platform Windows
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/chrome_filereader_uaf.rb
Data source KEV
Date added May 23, 2022
Description Google Chrome Blink contains a heap use-after-free vulnerability that allows an attacker to potentially perform out of bounds memory access via a crafted HTML page.
Required action Apply updates per vendor instructions.
Due date June 13, 2022
Note 
https://nvd.nist.gov/vuln/detail/CVE-2019-5786
Ransomware campaign use Unknown
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5786.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T14:09:14Z/ Found at https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://crbug.com/936448
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://crbug.com/936448
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T14:09:14Z/ Found at https://crbug.com/936448
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/GoogleChrome/puppeteer
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://github.com/GoogleChrome/puppeteer/issues/4141
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2019-5786
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-5786
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-5786
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2019-5786
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://snyk.io/vuln/SNYK-JS-PUPPETEER-174321
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.npmjs.com/advisories/824
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.99509
EPSS Score 0.8905
Published At June 2, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.