73.0.3683.75
included 60 security fixes.
[913964] High CVE-2019-5787: Use after free in Canvas. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11
[925864] High CVE-2019-5788: Use after free in FileAPI. Reported by Mark Brand of Google Project Zero on 2019-01-28
[921581] High CVE-2019-5789: Use after free in WebMIDI. Reported by Mark Brand of Google Project Zero on 2019-01-14
[914736] High CVE-2019-5790: Heap buffer overflow in V8. Reported by Dimitri Fourny (Blue Frost Security) on 2018-12-13
[926651] High CVE-2019-5791: Type confusion in V8. Reported by Choongwoo Han of Naver Corporation on 2019-01-30
[914983] High CVE-2019-5792: Integer overflow in PDFium. Reported by pdknsk on 2018-12-13
[937487] Medium CVE-2019-5793: Excessive permissions for private API in Extensions. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-03-01
[935175] Medium CVE-2019-5794: Security UI spoofing. Reported by Juno Im of Theori on 2019-02-24
[919643] Medium CVE-2019-5795: Integer overflow in PDFium. Reported by pdknsk on 2019-01-07
[918861] Medium CVE-2019-5796: Race condition in Extensions. Reported by Mark Brand of Google Project Zero on 2019-01-03
[916523] Medium CVE-2019-5797: Race condition in DOMStorage. Reported by Mark Brand of Google Project Zero on 2018-12-19
[883596] Medium CVE-2019-5798: Out of bounds read in Skia. Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-13
[905301] Medium CVE-2019-5799: CSP bypass with blob URL. Reported by sohalt on 2018-11-14
[894228] Medium CVE-2019-5800: CSP bypass with blob URL. Reported by Jun Kokatsu (@shhnjk) on 2018-10-10
[921390] Medium CVE-2019-5801: Incorrect Omnibox display on iOS. Reported by Khalil Zhani on 2019-01-13
[632514] Medium CVE-2019-5802: Security UI spoofing. Reported by Ronni Skansing on 2016-07-28
[909865] Low CVE-2019-5803: CSP bypass with Javascript URLs’. Reported by Andrew Comminos of Facebook on 2018-11-28
[933004] Low CVE-2019-5804: Command line command injection on Windows. Reported by Joshua Graham of TSS on 2019-02-17