23 matches found
SUSE CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...
GHSA-36J3-XXF7-4PQG Android WebView Universal Cross-site Scripting
A universal cross-site scripting UXSS vulnerability, CVE-2020-6506 https://crbug.com/1083819, has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native apps whic...
Android WebView Universal Cross-site Scripting
A universal cross-site scripting UXSS vulnerability, CVE-2020-6506 https://crbug.com/1083819, has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native apps whic...
Universal XSS in Android WebView
Overview A universal cross-site scripting UXSS vulnerability, CVE-2020-6506 https://crbug.com/1083819, has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native...
GLSA-202007-08 : Chromium, Google Chrome: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202007-08 Chromium, Google Chrome: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details. Impact : Please review the...
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2020-6506
CVE-2020-6506 affects Android WebView used by Google Chrome on Android, due to insufficient policy enforcement in WebView that allows bypassing site isolation via a crafted HTML page. The issue is categorized as a policy enforcement error in WebView, impacting the ability to enforce cross-origin/...
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...
openSUSE Security Update : chromium (openSUSE-2020-845)
This update for chromium fixes the following issues : Update to version 83.0.4103.106 boo1173029 : - CVE-2020-6505: Use after free in speech - CVE-2020-6506: Insufficient policy enforcement in WebView - CVE-2020-6507: Out of bounds write in V8 - Enforce to not use system borders bsc1173063 C...
openSUSE Security Update : chromium (openSUSE-2020-893)
This update for chromium fixes the following issues : Chromium was updated to 83.0.4103.116 boo1173251 : - CVE-2020-6509: Use after free in extensions Chromium was updated to 83.0.4103.106 boo1173029 : - CVE-2020-6505: Use after free in speech - CVE-2020-6506: Insufficient policy enforcement in...
Fedora: Security Advisory for chromium (FEDORA-2020-08561721ad)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for chromium (openSUSE-SU-2020:0893-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0893-1 Security update for chromium
This update for chromium fixes the following issues: Chromium was updated to 83.0.4103.116 boo1173251: CVE-2020-6509: Use after free in extensions Chromium was updated to 83.0.4103.106 boo1173029: CVE-2020-6505: Use after free in speech CVE-2020-6506: Insufficient policy enforcement in WebView...
X (Formerly Twitter): Android WebViews in Twitter app are vulnerable to UXSS due to configuration and CVE-2020-6506
Summary: CVSS score: 8.1 / High / CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Embargo notice: Do Not Disclose publicly until https://crbug.com/1083819 is disclosed. Twitter for Android is affected by a UXSS vulnerability due to its configuration of Android WebView and CVE-2020-6506. Vendor...
openSUSE: Security Advisory for chromium (openSUSE-SU-2020:0845-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Important: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHEL 6 : chromium-browser (RHSA-2020:2643)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2643 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 83.0.4103.106. Security Fixes:...
Google Chrome < 83.0.4103.106 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 83.0.4103.106. It is, therefore, affected by multiple vulnerabilities as referenced in the 202006stable-channel-update-for-desktop15 advisory. - Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a...