Lucene search

K

ChromeCVELIST:CVE-2020-15963

HistorySep 21, 2020 - 7:06 p.m.

CVE-2020-15963

2020-09-2119:06:36

Chrome

www.cve.org

1

8.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.0%

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "85.0.4183.121",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html

lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html

chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html

crbug.com/1113558

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWNBJFBPKYCYSZTS54FHNCRZG6KC2AIJ/

security.gentoo.org/glsa/202009-13

security.gentoo.org/glsa/202101-30

www.debian.org/security/2021/dsa-4824

8.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.0%

Related for CVELIST:CVE-2020-15963

redhatcve1 nvd1 cve1 veracode1 prion1 debiancve1 ubuntucve1 freebsd1 threatpost1 openvas8 nessus13 gentoo2 archlinux1 kaspersky2 fedora3 suse4 chrome1 redhat1 debian1 osv1 mscve1