Lucene search

K
freebsdFreeBSDF4722927-1375-11EB-8711-3065EC8FD3EC
HistoryOct 20, 2020 - 12:00 a.m.

chromium -- multiple vulnerabilities

2020-10-2000:00:00
vuxml.freebsd.org
20

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.033

Percentile

91.5%

Chrome Releases reports:

This release includes 5 security fixes:

[1125337] High CVE-2020-16000: Inappropriate implementation in
Blink. Reported by amaebi_jp on 2020-09-06
[1135018] High CVE-2020-16001: Use after free in media.
Reported by Khalil Zhani on 2020-10-05
[1137630] High CVE-2020-16002: Use after free in PDFium.
Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec
at Qi’anxin Group on 2020-10-13
[1139963] High CVE-2020-15999: Heap buffer overflow in
Freetype. Reported by Sergei Glazunov of Google Project Zero on
2020-10-19
[1134960] Medium CVE-2020-16003: Use after free in printing.
Reported by Khalil Zhani on 2020-10-04

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium<Β 86.0.4240.111UNKNOWN

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.033

Percentile

91.5%