Lucene search

PRIOn knowledge basePRION:CVE-2020-6470

HistoryMay 21, 2020 - 4:15 a.m.

Input validation

2020-05-2104:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.

CPENameOperatorVersion
debian_linuxeq9.0
debian_linuxeq10.0
fedoraeq31
fedoraeq32
chromelt83.0.4103.61
backports_sleeq15.0 sp1
leapeq15.1

Name	Operator	Version
debian_linux	eq	9.0
debian_linux	eq	10.0
fedora	eq	31
fedora	eq	32
chrome	lt	83.0.4103.61
backports_sle	eq	15.0 sp1
leap	eq	15.1

References

lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html

lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html

chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html

crbug.com/1065761

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQYH5OK7O4BU6E37WWG5SEEHV65BFSGR/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT/

security.gentoo.org/glsa/202006-02

security.gentoo.org/glsa/202101-30

www.debian.org/security/2020/dsa-4714