Google Chrome 74.0.3729.108 releases: includes 39 security fixes

The Google Chrome development team has now released Chrome v74, which routinely fixes security vulnerabilities submitted by a large number of researchers. At the same time, the new stable version also brings some improvements and new functions, such as reducing the dynamic content displayed on the webpage according to the system settings to prevent interference with users. The main interface for developers is to add some API interfaces. Interested developers can test these interfaces according to the instructions of Google Chrome.

This update includes 39 security fixes.

[$3000][913320] High CVE-2019-5805: Use after free in PDFium. Reported by Anonymous on 2018-12-10
[$3000][943087] High CVE-2019-5806: Integer overflow in Angle. Reported by Wen Xu of SSLab, Georgia Tech on 2019-03-18
[$3000][945644] High CVE-2019-5807: Memory corruption in V8. Reported by TimGMichaud of Leviathan Security Group. on 2019-03-26
[$3000][947029] High CVE-2019-5808: Use after free in Blink. Reported by cloudfuzzer on 2019-03-28
[$N/A][941008] High CVE-2019-5809: Use after free in Blink. Reported by Mark Brand of Google Project Zero on 2019-03-12
[$2000+$1,337][916838] Medium CVE-2019-5810: User information disclosure in Autofill. Reported by Mark Amery on 2018-12-20
[$2000][771815] Medium CVE-2019-5811: CORS bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-10-04
[$2000][925598] Medium CVE-2019-5812: URL spoof in Omnibox on iOS. Reported by Khalil Zhani on 2019-01-26
[$2000][942699] Medium CVE-2019-5813: Out of bounds read in V8. Reported by Aleksandar Nikolic of Cisco Talos on 2019-03-15
[$1000][930057] Medium CVE-2019-5814: CORS bypass in Blink. Reported by @AaylaSecura1138 on 2019-02-08
[$1000][930663] Medium CVE-2019-5815: Heap buffer overflow in Blink. Reported by Nicolas Grégoire, Agarri on 2019-02-11
[$1000][940245] Medium CVE-2019-5816: Exploit persistence extension on Android. Reported by Yongke Wang of Tencent’s Xuanwu Lab (xlab.tencent.com) on 2019-03-10
[$1000][943709] Medium CVE-2019-5817: Heap buffer overflow in Angle on Windows. Reported by Wen Xu of SSLab, Georgia Tech on 2019-03-19
[$500][929962] Medium CVE-2019-5818: Uninitialized value in media reader. Reported by Adrian Tolbaru on 2019-02-08
[$N/A][919356] Medium CVE-2019-5819: Incorrect escaping in developer tools. Reported by Svyat Mitin on 2019-01-06
[$N/A][919635] Medium CVE-2019-5820: Integer overflow in PDFium. Reported by pdknsk on 2019-01-07
[$N/A][919640] Medium CVE-2019-5821: Integer overflow in PDFium. Reported by pdknsk on 2019-01-07
[$500][926105] Low CVE-2019-5822: CORS bypass in download manager. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-01-29
[$500][930154] Low CVE-2019-5823: Forced navigation from service worker. Reported by David Erceg on 2019-02-08