New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely

2021-04-14T14:43:00

Description

[![whatsapp hacking](https://thehackernews.com/images/-drD8RCgm3L4/YHb9GDFPQBI/AAAAAAAACRY/DCar9seAz1oPXvQHXGtk6Iu7wmdS3xl5ACLcBGAsYHQ/s728-e1000/whatsapp-hacking.jpg)](<https://thehackernews.com/images/-drD8RCgm3L4/YHb9GDFPQBI/AAAAAAAACRY/DCar9seAz1oPXvQHXGtk6Iu7wmdS3xl5ACLcBGAsYHQ/s0/whatsapp-hacking.jpg>) Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even exfiltrate sensitive information. The flaws take aim at devices running Android versions up to and including Android 9 by carrying out what's known as a "man-in-the-disk" attack that makes it possible for adversaries to compromise an app by manipulating certain data being exchanged between it and the external storage. "The two aforementioned WhatsApp vulnerabilities would have made it possible for attackers to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions," researchers from Census Labs [said](<https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/>) today. "With the TLS secrets at hand, we will demonstrate how a man-in-the-middle (MitM) attack can lead to the compromise of WhatsApp communications, to remote code execution on the victim device and to the extraction of Noise protocol keys used for end-to-end encryption in user communications." In particular, the flaw ([CVE-2021-24027](<https://census-labs.com/news/2021/04/14/whatsapp-exposure-of-cryptographic-material-to-third-party-apps/>)) leverages Chrome's support for [content providers](<https://census-labs.com/news/2021/04/14/whatsapp-exposure-of-cryptographic-material-to-third-party-apps/>) in Android (via the "content://" URL scheme) and a same-origin policy bypass in the browser (CVE-2020-6516), thereby allowing an attacker to send a specially-crafted HTML file to a victim over WhatsApp, which, when opened on the browser, executes the code contained in the HTML file. Worse, the malicious code can be used to access any resource stored in the unprotected external storage area, including those from WhatsApp, which was found to save TLS session key details in a sub-directory, among others, and as a result, expose sensitive information to any app that's provisioned to read or write from the external storage. "All an attacker has to do is lure the victim into opening an HTML document attachment," Census Labs researcher Chariton Karamitas said. "WhatsApp will render this attachment in Chrome, over a content provider, and the attacker's Javascript code will be able to steal the stored TLS session keys." Armed with the keys, a bad actor can then stage a man-in-the-middle attack to achieve remote code execution or even exfiltrate the [Noise protocol](<https://www.noiseprotocol.org/>) key pairs — which are used to operate an [encrypted channel](<https://scontent.whatsapp.net/v/t39.8562-34/122249142_469857720642275_2152527586907531259_n.pdf/WA_Security_WhitePaper.pdf?ccb=1-3&_nc_sid=2fbf2a&_nc_ohc=RCXeLKlCMqoAX8GmYD5&_nc_ht=scontent.whatsapp.net&oh=82f269ca2fb5e9cdd260ba28c76b9e8d&oe=609D9119>) between the client and server for transport layer security (and not the messages themselves, which are encrypted using the Signal protocol) — gathered by the app for diagnostic purposes by deliberately triggering an out of memory error remotely on the victim's device When this error is thrown, WhatsApp's debugging mechanism kicks in and [uploads](<https://twitter.com/ifsecure/status/1382280692172742659>) the encoded key pairs along with the application logs, system information, and other memory content to a dedicated crash logs server ("crashlogs.whatsapp.net"). But it's worth noting that this only occurs on devices that run a new version of the app, and "less than 10 days have elapsed since the current version's release date." Although the debugging process is designed to be invoked to catch fatal errors in the app, the idea behind the MitM exploit is to programmatically cause an exception that will force the data collection and set off the upload, only to intercept the connection and "disclose all the sensitive information that was intended to be sent to WhatsApp's internal infrastructure." To defend against such attacks, Google introduced a feature called "[scoped storage](<https://thehackernews.com/2020/02/android-app-data-encryption.html>)" in Android 10, which gives each app an isolated storage area on the device in a way that no other app installed on the same device can directly access data saved by other apps. The cybersecurity firm said it has no knowledge on whether the attacks have been exploited in the wild, although in the past, flaws in WhatsApp have been abused to [inject spyware](<https://thenextweb.com/news/psa-update-whatsapp-now-to-prevent-spyware-from-being-installed-on-your-phone>) onto target devices and snoop on [journalists and human rights activists](<https://thenextweb.com/news/whatsapp-spyware-was-used-to-snoop-on-2-dozen-indian-activists-and-journalists>). WhatsApp users are recommended to update to version 2.21.4.18 to mitigate the risk associated with the flaws. When reached for a response, the company reiterated that the "keys" that are used to protect people's messages are not being uploaded to the servers and that the crash log information does not allow it to access the message contents. > "We regularly work with security researchers to improve the numerous ways WhatsApp protects people's messages," a spokesperson told The Hacker News. "We appreciate the information these researchers shared with us, which has already helped us make improvements to WhatsApp in the event an Android user visited a malicious website on Chrome. To be clear: end-to-end encryption continues to work as intended and people's messages remain safe and secure." "There are many more subsystems in WhatsApp which might be of great interest to an attacker," Karamitas said. "The communication with upstream servers and the E2E encryption implementation are two notable ones. Additionally, despite the fact that this work focused on WhatsApp, other popular Android messaging applications (e.g. Viber, Facebook Messenger), or even mobile games might be unwillingly exposing a similar attack surface to remote adversaries." Found this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter __](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.

{"id": "THN:9A86E9EAC628F4A135F7BA4839BA72D0", "vendorId": null, "type": "thn", "bulletinFamily": "info", "title": "New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely", "description": "[![whatsapp hacking](https://thehackernews.com/images/-drD8RCgm3L4/YHb9GDFPQBI/AAAAAAAACRY/DCar9seAz1oPXvQHXGtk6Iu7wmdS3xl5ACLcBGAsYHQ/s728-e1000/whatsapp-hacking.jpg)](<https://thehackernews.com/images/-drD8RCgm3L4/YHb9GDFPQBI/AAAAAAAACRY/DCar9seAz1oPXvQHXGtk6Iu7wmdS3xl5ACLcBGAsYHQ/s0/whatsapp-hacking.jpg>)\n\nFacebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even exfiltrate sensitive information.\n\nThe flaws take aim at devices running Android versions up to and including Android 9 by carrying out what's known as a \"man-in-the-disk\" attack that makes it possible for adversaries to compromise an app by manipulating certain data being exchanged between it and the external storage.\n\n\"The two aforementioned WhatsApp vulnerabilities would have made it possible for attackers to remotely collect TLS cryptographic material for TLS 1.3 and TLS 1.2 sessions,\" researchers from Census Labs [said](<https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/>) today. \n\n\"With the TLS secrets at hand, we will demonstrate how a man-in-the-middle (MitM) attack can lead to the compromise of WhatsApp communications, to remote code execution on the victim device and to the extraction of Noise protocol keys used for end-to-end encryption in user communications.\"\n\nIn particular, the flaw ([CVE-2021-24027](<https://census-labs.com/news/2021/04/14/whatsapp-exposure-of-cryptographic-material-to-third-party-apps/>)) leverages Chrome's support for [content providers](<https://census-labs.com/news/2021/04/14/whatsapp-exposure-of-cryptographic-material-to-third-party-apps/>) in Android (via the \"content://\" URL scheme) and a same-origin policy bypass in the browser (CVE-2020-6516), thereby allowing an attacker to send a specially-crafted HTML file to a victim over WhatsApp, which, when opened on the browser, executes the code contained in the HTML file.\n\nWorse, the malicious code can be used to access any resource stored in the unprotected external storage area, including those from WhatsApp, which was found to save TLS session key details in a sub-directory, among others, and as a result, expose sensitive information to any app that's provisioned to read or write from the external storage.\n\n\"All an attacker has to do is lure the victim into opening an HTML document attachment,\" Census Labs researcher Chariton Karamitas said. \"WhatsApp will render this attachment in Chrome, over a content provider, and the attacker's Javascript code will be able to steal the stored TLS session keys.\"\n\nArmed with the keys, a bad actor can then stage a man-in-the-middle attack to achieve remote code execution or even exfiltrate the [Noise protocol](<https://www.noiseprotocol.org/>) key pairs \u2014 which are used to operate an [encrypted channel](<https://scontent.whatsapp.net/v/t39.8562-34/122249142_469857720642275_2152527586907531259_n.pdf/WA_Security_WhitePaper.pdf?ccb=1-3&_nc_sid=2fbf2a&_nc_ohc=RCXeLKlCMqoAX8GmYD5&_nc_ht=scontent.whatsapp.net&oh=82f269ca2fb5e9cdd260ba28c76b9e8d&oe=609D9119>) between the client and server for transport layer security (and not the messages themselves, which are encrypted using the Signal protocol) \u2014 gathered by the app for diagnostic purposes by deliberately triggering an out of memory error remotely on the victim's device\n\nWhen this error is thrown, WhatsApp's debugging mechanism kicks in and [uploads](<https://twitter.com/ifsecure/status/1382280692172742659>) the encoded key pairs along with the application logs, system information, and other memory content to a dedicated crash logs server (\"crashlogs.whatsapp.net\"). But it's worth noting that this only occurs on devices that run a new version of the app, and \"less than 10 days have elapsed since the current version's release date.\"\n\nAlthough the debugging process is designed to be invoked to catch fatal errors in the app, the idea behind the MitM exploit is to programmatically cause an exception that will force the data collection and set off the upload, only to intercept the connection and \"disclose all the sensitive information that was intended to be sent to WhatsApp's internal infrastructure.\"\n\nTo defend against such attacks, Google introduced a feature called \"[scoped storage](<https://thehackernews.com/2020/02/android-app-data-encryption.html>)\" in Android 10, which gives each app an isolated storage area on the device in a way that no other app installed on the same device can directly access data saved by other apps.\n\nThe cybersecurity firm said it has no knowledge on whether the attacks have been exploited in the wild, although in the past, flaws in WhatsApp have been abused to [inject spyware](<https://thenextweb.com/news/psa-update-whatsapp-now-to-prevent-spyware-from-being-installed-on-your-phone>) onto target devices and snoop on [journalists and human rights activists](<https://thenextweb.com/news/whatsapp-spyware-was-used-to-snoop-on-2-dozen-indian-activists-and-journalists>).\n\nWhatsApp users are recommended to update to version 2.21.4.18 to mitigate the risk associated with the flaws. When reached for a response, the company reiterated that the \"keys\" that are used to protect people's messages are not being uploaded to the servers and that the crash log information does not allow it to access the message contents.\n\n> \"We regularly work with security researchers to improve the numerous ways WhatsApp protects people's messages,\" a spokesperson told The Hacker News. \"We appreciate the information these researchers shared with us, which has already helped us make improvements to WhatsApp in the event an Android user visited a malicious website on Chrome. To be clear: end-to-end encryption continues to work as intended and people's messages remain safe and secure.\"\n\n\"There are many more subsystems in WhatsApp which might be of great interest to an attacker,\" Karamitas said. \"The communication with upstream servers and the E2E encryption implementation are two notable ones. Additionally, despite the fact that this work focused on WhatsApp, other popular Android messaging applications (e.g. Viber, Facebook Messenger), or even mobile games might be unwillingly exposing a similar attack surface to remote adversaries.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "published": "2021-04-14T14:43:00", "modified": "2021-04-15T06:55:19", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://thehackernews.com/2021/04/new-whatsapp-bug-couldve-let-attackers.html", "reporter": "The Hacker News", "references": [], "cvelist": ["CVE-2020-6516", "CVE-2021-24027"], "immutableFields": [], "lastseen": "2022-05-09T12:38:20", "viewCount": 49, "enchantments": {"dependencies": {"references": [{"type": "chrome", "idList": ["GCSA-7394511674302395818"]}, {"type": "cve", "idList": ["CVE-2020-6516", "CVE-2021-24027"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4824-1:11EBB"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-6516"]}, {"type": "fedora", "idList": ["FEDORA:6C5D23486BFA", "FEDORA:73D05317E17D"]}, {"type": "freebsd", "idList": ["870D59B0-C6C4-11EA-8015-E09467587C17"]}, {"type": "gentoo", "idList": ["GLSA-202007-08"]}, {"type": "githubexploit", "idList": ["FA0A53A2-58CE-5652-9B7C-FDF1D9A3497C"]}, {"type": "kaspersky", "idList": ["KLA11869"]}, {"type": "mscve", "idList": ["MS:ADV200002"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-4824.NASL", "FEDORA_2020-84D87CBD50.NASL", "FEDORA_2020-BF684961D9.NASL", "FREEBSD_PKG_870D59B0C6C411EA8015E09467587C17.NASL", "GENTOO_GLSA-202007-08.NASL", "GOOGLE_CHROME_84_0_4147_89.NASL", "MACOSX_GOOGLE_CHROME_84_0_4147_89.NASL", "MICROSOFT_EDGE_CHROMIUM_84_0_522_40.NASL", "OPENSUSE-2020-1020.NASL", "OPENSUSE-2020-1021.NASL", "OPENSUSE-2020-1148.NASL", "OPENSUSE-2020-1172.NASL", "REDHAT-RHSA-2020-3377.NASL"]}, {"type": "osv", "idList": ["OSV:DSA-4824-1"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:34A67C418048A047E48BE87F72AFCFF3"]}, {"type": "redhat", "idList": ["RHSA-2020:3377"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-6516"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1020-1", "OPENSUSE-SU-2020:1021-1", "OPENSUSE-SU-2020:1048-1", "OPENSUSE-SU-2020:1061-1", "OPENSUSE-SU-2020:1148-1", "OPENSUSE-SU-2020:1172-1"]}, {"type": "threatpost", "idList": ["THREATPOST:DC4DAA2C2F91148A88C3494B6E55F309"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-6516"]}, {"type": "veracode", "idList": ["VERACODE:28735"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "chrome", "idList": ["GCSA-7394511674302395818"]}, {"type": "cve", "idList": ["CVE-2020-6516"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4824-1:11EBB"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-6516"]}, {"type": "fedora", "idList": ["FEDORA:6C5D23486BFA", "FEDORA:73D05317E17D"]}, {"type": "freebsd", "idList": ["870D59B0-C6C4-11EA-8015-E09467587C17"]}, {"type": "gentoo", "idList": ["GLSA-202007-08"]}, {"type": "githubexploit", "idList": ["FA0A53A2-58CE-5652-9B7C-FDF1D9A3497C"]}, {"type": "kaspersky", "idList": ["KLA11869"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/DEBIAN-CVE-2020-6516/"]}, {"type": "mscve", "idList": ["MS:ADV200002"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-4824.NASL", "GENTOO_GLSA-202007-08.NASL", "GOOGLE_CHROME_84_0_4147_89.NASL", "MACOSX_GOOGLE_CHROME_84_0_4147_89.NASL", "OPENSUSE-2020-1020.NASL", "OPENSUSE-2020-1021.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:34A67C418048A047E48BE87F72AFCFF3"]}, {"type": "redhat", "idList": ["RHSA-2020:3377"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-6516"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1020-1", "OPENSUSE-SU-2020:1021-1", "OPENSUSE-SU-2020:1061-1"]}, {"type": "threatpost", "idList": ["THREATPOST:DC4DAA2C2F91148A88C3494B6E55F309"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-6516"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2020-6516", "epss": "0.002710000", "percentile": "0.627840000", "modified": "2023-03-16"}, {"cve": "CVE-2021-24027", "epss": "0.001500000", "percentile": "0.494380000", "modified": "2023-03-17"}], "vulnersScore": 0.0}, "_state": {"dependencies": 1659988328, "score": 1659898735, "epss": 1679070268}, "_internal": {"score_hash": "2ae10e77f264e6fce03cff73450097f5"}}

{"githubexploit": [{"lastseen": "2022-03-23T23:59:50", "description": "# WhatsApp MitD & MitM\n\n## Introduction\n\nThis repository contain...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-11T15:27:25", "type": "githubexploit", "title": "Exploit for Vulnerability in Google Chrome", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6516", "CVE-2021-24027"], "modified": "2022-03-02T17:27:19", "id": "FA0A53A2-58CE-5652-9B7C-FDF1D9A3497C", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "privateArea": 1}], "cve": [{"lastseen": "2023-02-09T14:10:34", "description": "A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device\u2019s external storage to read cached TLS material.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-06T17:15:00", "type": "cve", "title": "CVE-2021-24027", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-24027"], "modified": "2022-08-30T22:40:00", "cpe": [], "id": "CVE-2021-24027", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24027", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-02-09T15:27:53", "description": "Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2020-07-22T17:15:00", "type": "cve", "title": "CVE-2020-6516", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6516"], "modified": "2021-03-12T21:51:00", "cpe": ["cpe:/o:opensuse:leap:15.2", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:fedoraproject:fedora:32", "cpe:/o:opensuse:leap:15.1", "cpe:/o:fedoraproject:fedora:31", "cpe:/a:opensuse:backports_sle:15.0"], "id": "CVE-2020-6516", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-6516", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2023-03-08T20:19:30", "description": "Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2020-07-15T17:08:14", "type": "redhatcve", "title": "CVE-2020-6516", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6516"], "modified": "2023-03-08T18:29:16", "id": "RH:CVE-2020-6516", "href": "https://access.redhat.com/security/cve/cve-2020-6516", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2023-02-03T13:46:12", "description": "Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a\nremote attacker to leak cross-origin data via a crafted HTML page.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[alexmurray](<https://launchpad.net/~alexmurray>) | The Debian chromium source package is called chromium-browser in Ubuntu \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | starting with Ubuntu 19.10, the chromium-browser package is just a script that installs the Chromium snap\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2020-07-22T00:00:00", "type": "ubuntucve", "title": "CVE-2020-6516", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6516"], "modified": "2020-07-22T00:00:00", "id": "UB:CVE-2020-6516", "href": "https://ubuntu.com/security/CVE-2020-6516", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "veracode": [{"lastseen": "2022-07-26T16:47:44", "description": "chromium is vulnerable to information disclosure. The vulnerability exists through policy bypass in CORS that allows a remote attacker to leak cross-origin data via a crafted HTML page.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2020-12-21T19:52:16", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6516"], "modified": "2021-03-12T23:39:10", "id": "VERACODE:28735", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-28735/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-03-27T06:08:24", "description": "Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2020-07-22T17:15:00", "type": "debiancve", "title": "CVE-2020-6516", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6516"], "modified": "2020-07-22T17:15:00", "id": "DEBIANCVE:CVE-2020-6516", "href": "https://security-tracker.debian.org/tracker/CVE-2020-6516", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "qualysblog": [{"lastseen": "2021-04-23T06:37:13", "description": "WhatsApp has recently fixed [critical and high-severity vulnerabilities](<https://www.whatsapp.com/security/advisories/2021/>) affecting WhatsApp for Android, WhatsApp Business for Android, WhatsApp for iOS, and WhatsApp Business for iOS. The Indian Computer Emergency Response Team ([CERT-In](<https://www.cert-in.org.in/>)) has issued a [high-severity security warning](<https://www.businesstoday.in/technology/news/indias-cyber-agency-issues-high-severity-security-warning-for-whatsapp-users/story/436889.html>) for WhatsApp users in India. It has again confirmed that businesses need a mobile security solution to secure their devices.\n\n### Remote Code Execution (RCE) Vulnerability: CVE-2021-24026\n\nWhatsApp released a patch to fix the RCE critical vulnerability (CVE-2021-24026). This vulnerability has a CVSSv3 base score of 9.8 and should be prioritized for patching. It affects assets running:\n\n * WhatsApp for Android prior to v2.21.3\n * WhatsApp Business for Android prior to v2.21.3\n * WhatsApp for iOS prior to v2.21.32\n * WhatsApp Business for iOS prior to v2.21.32\n\n### Sensitive Information Disclosure Vulnerability: CVE-2021-24027\n\nWhatsApp released a patch to fix a Sensitive Information Disclosure high vulnerability (CVE-2021-24027). This vulnerability has a CVSSv3 base score of 7.5 and should be prioritized for patching. It affects asset running WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18.\n\nThe latest vulnerabilities are also affecting WhatsApp Business. If you are using it within your organization then it becomes critical to fix it on priority. According to CERT-In, "Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code or access sensitive information on a targeted system." To minimize the risk, you need to identify the affected assets and then update the application to the right version.\n\n### Identification of Assets using VMDR for Mobile Devices\n\nThe first step in managing the critical vulnerabilities and reducing risk is to identify the assets. [Qualys VMDR for Mobile Devices](<https://www.qualys.com/apps/vulnerability-management-detection-response/mobile-devices/?_ga=2.112535620.1786395568.1618815354-1930174972.1592457703>) makes it easy to identify the assets running WhatsApp. To get the comprehensive visibility of the mobile devices, you need to install Qualys Cloud Agent for Android or iOS on all mobile devices. The device onboarding process is easy, and the inventory of mobile devices is free.\n\n![](https://blog.qualys.com/wp-content/uploads/2021/04/Assets-1-1.png)QQL: Asset- application.name:whatsapp\n\n### Discover WhatsApp Vulnerabilities (CVE-2021-24026) and (CVE-2021-24027)\n\nOnce you have the list of assets running WhatsApp, you next want the list of assets with the latest WhatsApp vulnerabilities. VMDR for Mobile Devices automatically detects the new vulnerabilities based on the always updated Knowledgebase.\n\nTo see all impacted assets, navigate to the Vulnerability tab, add and run the following QQL in Vulnerability dropdown\n\n![](https://blog.qualys.com/wp-content/uploads/2021/04/Vulnerabilities-1.png)QQL: vulnerabilities.vulnerability.qid:630671 or vulnerabilities.vulnerability.qid:630672\n\nQID 630671 and 630672 is available in signature version SEM VULNSIGS-1.0.0.31, and there is no dependency on any specific [Qualys Cloud Agent](<https://www.qualys.com/cloud-agent/>) version.\n\nWith the VMDR for Mobile Devices dashboard, you can track the status of the assets on which the latest WhatsApp vulnerabilities are detected. The dashboard will be updated with the latest data collected by Qualys Cloud Agent for Android devices.\n\n![](https://blog.qualys.com/wp-content/uploads/2021/04/Dashboard-1.png)\n\n### Respond by Patching and Remediation\n\nVMDR for Mobile Devices provides you the patch orchestration for Android devices that helps you rapidly remediate the Android assets. Patch orchestration helps you initiate the most relevant per-application version patches on the affected assets.\n\nYou do not have to create multiple jobs; one job will take care of all vulnerabilities of that application.\n\n![](https://blog.qualys.com/wp-content/uploads/2021/04/Patch_Job-1.png)\n\nUsers are encouraged to apply patches as soon as possible. For iOS assets, you can perform the \u201cSend Message\u201d action to inform the end user to update WhatsApp to the latest version. Also, you may provide step-by-step details to update WhatsApp from the Apple App Store.\n\n### Get Started Now\n\n[Qualys VMDR for Mobile Devices](<https://www.qualys.com/apps/vulnerability-management-detection-response/mobile-devices/>) is available free for 30 days to help you detect vulnerabilities, monitor critical device settings, and correlate updates with the correct app versions available on Google Play Store. Sign up now for a [free 30-day trial of VMDR for Mobile Devices](<https://www.qualys.com/apps/vulnerability-management-detection-response/mobile-devices/#trial>).", "cvss3": {}, "published": "2021-04-22T19:20:42", "type": "qualysblog", "title": "WhatsApp Vulnerabilities: Automatically Discover and Remediate Using VMDR for Mobile Devices", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-24026", "CVE-2021-24027"], "modified": "2021-04-22T19:20:42", "id": "QUALYSBLOG:34A67C418048A047E48BE87F72AFCFF3", "href": "https://blog.qualys.com/category/vulnerabilities-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2021-04-16T13:53:14", "description": "Several variants of the Gafgyt Linux-based botnet malware family have incorporated code from the infamous Mirai botnet, researchers have discovered.\n\nGafgyt (a.k.a. Bashlite) is a [botnet that was first uncovered in 2014](<https://threatpost.com/mirai-gafgyt-botnets-return-to-target-infamous-apache-struts-sonicwall-flaws/137309/>). It targets vulnerable internet of things (IoT) devices like Huawei routers, Realtek routers and ASUS devices, which it then uses to launch large-scale distributed denial-of-service (DDoS) attacks. It also often uses known vulnerabilities such as CVE-2017-17215 and CVE-2018-10561 to download next-stage payloads to infected devices.\n\n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\nThe latest variants have now incorporated several Mirai-based modules, according to research from Uptycs [released Thursday](<https://www.uptycs.com/blog/mirai-code-re-use-in-gafgyt>), along with new exploits. Mirai variants and its code re-use have become more voluminous since the source code for the IoT botnet [was released](<https://threatpost.com/source-code-released-for-mirai-ddos-malware/121039/>) in October 2016.\n\nThe capabilities nicked from Mirai include various methods to carry out DDoS attacks, according to the research:\n\n * HTTP flooding, in which the botnet sends a large number of HTTP requests to a targeted server to overwhelm it;\n * UDP flooding, where the botnet sends several UDP packets to a victim server as a means of exhausting it;\n * Various TCP flood attacks, which exploit a normal three-way TCP handshake the victim server receives a heavy number of requests, resulting in the server becoming unresponsive;\n * And an STD module, which sends a random string (from a hardcoded array of strings) to a particular IP address.\n\n![](https://media.threatpost.com/wp-content/uploads/sites/103/2021/04/15120709/mirai-gafgyt.jpg)\n\nCode comparison for the HTTP DDoS module between Gafgyt and Mirai. Click to enlarge. Source: Uptycs.\n\nMeanwhile, the latest versions of Gafgyt contain new approaches for achieving initial compromise of IoT devices, Uptycs found; this is the first step in turning infected devices into bots to later perform DDoS attacks on specifically targeted IP addresses. These include a Mirai-copied module for Telnet brute-forcing, and additional exploits for existing vulnerabilities in Huawei, Realtek and GPON devices.\n\nThe Huawei exploit ([CVE-2017-17215](<https://nvd.nist.gov/vuln/detail/CVE-2017-17215>)) and the Realtek exploit ([CVE-2014-8361](<https://nvd.nist.gov/vuln/detail/CVE-2014-8361>)) are both used for remote code execution (RCE), to fetch and download the Gafgyt payload, according to the analysis.\n\n\u201cThe Gafgyt malware binary embeds RCE exploits for Huawei and Realtek routers, by which the malware binary, using \u2018wget\u2019 command, fetches the payload,\u201d according to Uptycs. \u201c[It] gives the execution permission to payload using \u2018chmod\u2019 command, [and] executes the payload.\u201d\n\nThe GPON exploit ([CVE-2018-10561](<https://nvd.nist.gov/vuln/detail/CVE-2018-10561>)) is used for authentication bypass in vulnerable Dasan GPON routers; here, the malware binary follows the same process, but can also remove the payload on command.\n\n\u201cThe IP addresses used for fetching the payloads were generally the open directories where malicious payloads for different architectures were hosted by the attacker,\u201d researchers added.\n\n## **IoT Botnet Variants Abound**\n\nIoT botnets like Gafgyt are constantly evolving. For instance, researchers in March discovered what they said is the first variant of the Gafgyt botnet family [to cloak its activity](<https://threatpost.com/d-link-iot-tor-gafgyt-variant/164529/>) using the Tor network.\n\nMirai hasn\u2019t disappeared either: a [new variant of the botnet](<https://threatpost.com/mirai-variant-sonicwall-d-link-iot/164811/>) was recently discovered targeting a slew of vulnerabilities in unpatched D-Link, Netgear and SonicWall devices. Since mid-February, the variant has been targeting six known vulnerabilities \u2013 and three previously unknown ones \u2013 in order to infect systems and add them to a botnet.\n\nIt\u2019s only the latest variant of Mirai [to come to light](<https://threatpost.com/new-mirai-variant-mukashi-targets-zyxel-nas-devices/153982/>). Last year, a version dubbed Mukashi was seen taking advantage of a pre-authentication command-injection vulnerability found in Zyxel NAS storage devices.\n\n\u201cMalware authors may not always innovate, and researchers often discover that malware authors copy and re-use leaked malware source code,\u201d Uptycs researchers said.\n\nTo protect against these kinds of botnet infections, users should regularly monitor for suspicious processes, events and network traffic spawned on the execution of any untrusted binary, researchers recommended. And, users should keep all systems and firmware updated with the latest releases and patches.\n\n**_Ever wonder what goes on in underground cybercrime forums? Find out on April 21 at 2 p.m. ET during a _****_[FREE Threatpost event](<https://threatpost.com/webinars/underground-markets-a-tour-of-the-dark-economy/?utm_source=ART&utm_medium=ART&utm_campaign=April_webinar>)_****_, \u201cUnderground Markets: A Tour of the Dark Economy.\u201d Experts from Digital Shadows (Austin Merritt), Malwarebytes (Adam Kujawa) and Sift (Kevin Lee) will take you on a guided tour of the Dark Web, including what\u2019s for sale, how much it costs, how hackers work together and the latest tools available for hackers. _****_[Register here](<https://threatpost.com/webinars/underground-markets-a-tour-of-the-dark-economy/?utm_source=ART&utm_medium=ART&utm_campaign=April_webinar>)_****_ for the Wed., April 21 LIVE event. _**\n\n**_ _**\n", "cvss3": {}, "published": "2021-04-15T16:35:53", "type": "threatpost", "title": "Gafgyt Botnet Lifts DDoS Tricks from Mirai", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2014-8361", "CVE-2017-17215", "CVE-2018-10561", "CVE-2021-24027"], "modified": "2021-04-15T16:35:53", "id": "THREATPOST:DC4DAA2C2F91148A88C3494B6E55F309", "href": "https://threatpost.com/gafgyt-botnet-ddos-mirai/165424/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "chrome": [{"lastseen": "2021-12-30T22:31:38", "description": "The Chrome team is delighted to announce the promotion of Chrome 84 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. \n\nChrome 84.0.4147.89 contains a number of fixes and improvements -- a list of changes is available in the[ log](<https://chromium.googlesource.com/chromium/src/+log/83.0.4103.116..84.0.4147.89?pretty=fuller&n=10000>). Watch out for upcoming[ Chrome](<https://chrome.blogspot.com/>) and[ Chromium](<https://blog.chromium.org/>) blog posts about new features and big efforts delivered in 84 \n\n** Security Fixes and Rewards** \n\n\n\n\n\nNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.\n\n\nThis update includes [38](<https://bugs.chromium.org/p/chromium/issues/list?can=1&q=type%3Abug-security+os%3DAndroid%2Cios%2Clinux%2Cmac%2Cwindows%2Call+label%3ARelease-0-M84>) security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the [Chrome Security Page](<https://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. \n\n\n\n[$TBD][[1103195](<https://crbug.com/1103195>)] Critical CVE-2020-6510: Heap buffer overflow in background fetch. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-07-08\n\n[$5000][[1074317](<https://crbug.com/1074317>)] High CVE-2020-6511: Side-channel information leakage in content security policy. Reported by Mikhail Oblozhikhin on 2020-04-24\n\n[$5000][[1084820](<https://crbug.com/1084820>)] High CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu of WeChat Open Platform Security Team on 2020-05-20\n\n[$2000][[1091404](<https://crbug.com/1091404>)] High CVE-2020-6513: Heap buffer overflow in PDFium. Reported by Aleksandar Nikolic of Cisco Talos on 2020-06-04\n\n[$TBD][[1076703](<https://crbug.com/1076703>)] High CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-04-30\n\n[$TBD][[1082755](<https://crbug.com/1082755>)] High CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA on 2020-05-14\n\n[$TBD][[1092449](<https://crbug.com/1092449>)] High CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab (\u817e\u8baf\u5b89\u5168\u7384\u6b66\u5b9e\u9a8c\u5ba4\uff09 on 2020-06-08\n\n[$TBD][[1095560](<https://crbug.com/1095560>)] High CVE-2020-6517: Heap buffer overflow in history. Reported by ZeKai Wu (@hellowuzekai) of Tencent Security Xuanwu Lab on 2020-06-16\n\n[$3000][[986051](<https://crbug.com/986051>)] Medium CVE-2020-6518: Use after free in developer tools. Reported by David Erceg on 2019-07-20\n\n[$3000][[1064676](<https://crbug.com/1064676>)] Medium CVE-2020-6519: Policy bypass in CSP. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2019-04-23, and also by Gal Weizman (@WeizmanGal) of PerimeterX on 2020-03-25\n\n[$1000][[1092274](<https://crbug.com/1092274>)] Medium CVE-2020-6520: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08\n\n[$500][[1075734](<https://crbug.com/1075734>)] Medium CVE-2020-6521: Side-channel information leakage in autofill. Reported by Xu Lin (University of Illinois at Chicago), Panagiotis Ilia (University of Illinois at Chicago), Jason Polakis (University of Illinois at Chicago) on 2020-04-27\n\n[$TBD][[1052093](<https://crbug.com/1052093>)] Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. Reported by Eric Lawrence of Microsoft on 2020-02-13\n\n[$N/A][[1080481](<https://crbug.com/1080481>)] Medium CVE-2020-6523: Out of bounds write in Skia. Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on 2020-05-08\n\n[$N/A][[1081722](<https://crbug.com/1081722>)] Medium CVE-2020-6524: Heap buffer overflow in WebAudio. Reported by Sung Ta (@Mipu94) of SEFCOM Lab, Arizona State University on 2020-05-12\n\n[$N/A][[1091670](<https://crbug.com/1091670>)] Medium CVE-2020-6525: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-05\n\n[$1000][[1074340](<https://crbug.com/1074340>)] Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported by Jonathan Kingston on 2020-04-24\n\n[$500][[992698](<https://crbug.com/992698>)] Low CVE-2020-6527: Insufficient policy enforcement in CSP. Reported by Zhong Zhaochen of andsecurity.cn on 2019-08-10\n\n[$500][[1063690](<https://crbug.com/1063690>)] Low CVE-2020-6528: Incorrect security UI in basic auth. Reported by Rayyan Bijoora on 2020-03-22\n\n[$N/A][[978779](<https://crbug.com/978779>)] Low CVE-2020-6529: Inappropriate implementation in WebRTC. Reported by kaustubhvats7 on 2019-06-26\n\n[$N/A][[1016278](<https://crbug.com/1016278>)] Low CVE-2020-6530: Out of bounds memory access in developer tools. Reported by myvyang on 2019-10-21\n\n[$TBD][[1042986](<https://crbug.com/1042986>)] Low CVE-2020-6531: Side-channel information leakage in scroll to text. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-01-17\n\n[$N/A][[1069964](<https://crbug.com/1069964>)] Low CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-04-11\n\n[$N/A][[1072412](<https://crbug.com/1072412>)] Low CVE-2020-6534: Heap buffer overflow in WebRTC. Reported by Anonymous on 2020-04-20\n\n[$TBD][[1073409](<https://crbug.com/1073409>)] Low CVE-2020-6535: Insufficient data validation in WebUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-22\n\n[$TBD][[1080934](<https://crbug.com/1080934>)] Low CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng(@Wester) of OPPO ZIWU Cyber Security Lab on 2020-05-09\n\n\n\n\nWe would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. \n\nAs usual, our ongoing internal security work was responsible for a wide range of fixes: \n\n[[1105224](<https://crbug.com/1105224>)] Various fixes from internal audits, fuzzing and other initiatives\n\n\n\n\nMany of our security bugs are detected using [AddressSanitizer](<https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>), [MemorySanitizer](<https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer>), [UndefinedBehaviorSanitizer](<https://www.chromium.org/developers/testing/undefinedbehaviorsanitizer>), [Control Flow Integrity](<https://sites.google.com/a/chromium.org/dev/developers/testing/control-flow-integrity>), [libFuzzer](<https://sites.google.com/a/chromium.org/dev/developers/testing/libfuzzer>), or [AFL](<https://github.com/google/afl>).\n\nInterested in switching release channels? Find out how [here](<https://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<https://crbug.com/>). The [community help forum](<https://productforums.google.com/forum/#!forum/chrome>) is also a great place to reach out for help or learn about common issues. \n\nGoogle Chrome \nPrudhvikumar Bommana", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-14T00:00:00", "type": "chrome", "title": "Stable Channel Update for Desktop", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-07-14T00:00:00", "id": "GCSA-7394511674302395818", "href": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-07-28T18:41:39", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-08-02T01:09:48", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: chromium-84.0.4147.89-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-08-02T01:09:48", "id": "FEDORA:73D05317E17D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-30T17:54:07", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: chromium-84.0.4147.89-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-07-30T17:54:07", "id": "FEDORA:6C5D23486BFA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-25T14:39:49", "description": "This update for opera fixes the following issues :\n\n - Update to version 70.0.3728.71\n\n - DNA-86267 Make `Recently closed tabs` appearance consistent with `Search for open tabs`.\n\n - DNA-86988 Opera 70 translations\n\n - DNA-87530 Zen news leads not loading\n\n - DNA-87636 Fix displaying folder icon for closed windows in recently closed list\n\n - DNA-87682 Replace Extensions icon in toolbar with icon from sidebar\n\n - DNA-87756 Extend chrome.sessions.getRecentlyClosed with information about last active tab in window.\n\n - DNA-87778 Crash at opera::InstantSearchViewViews::\n ~InstantSearchViewViews()\n\n - DNA-87815 Change affiliate links for AliExpress Search\n\n - Update to version 70.0.3728.59\n\n - CHR-8010 Update chromium on desktop-stable-84-3728 to 84.0.4147.89\n\n - DNA-87019 The video image does not respond to the pressing after closed the “Quit Opera?”\n dialog\n\n - DNA-87342 Fix right padding in settings > weather section\n\n - DNA-87427 Remove unneeded information from the requests’ diagnostics\n\n - DNA-87560 Crash at views::Widget::GetNativeView()\n\n - DNA-87561 Crash at CRYPTO_BUFFER_len\n\n - DNA-87599 Bypass VPN for default search engines doesn’t work\n\n - DNA-87611 Unittests fails on declarativeNetRequest and declarativeNetRequestFeedback permissions\n\n - DNA-87612 [Mac] Misaligned icon in address bar\n\n - DNA-87619 [Win/Lin] Misaligned icon in address bar\n\n - DNA-87716 [macOS/Windows] Crash when Search in tabs is open and Opera is minimized\n\n - DNA-87749 Crash at opera::InstantSearchSuggestionLineView::\n SetIsHighlighted(bool)\n\n - The update to chromium 84.0.4147.89 fixes following issues :\n\n - CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536\n\n - Complete Opera 70.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-70/\n\n - Update to version 69.0.3686.77\n\n - DNA-84207 New Yubikey enrollment is not working\n\n - DNA-87185 Lost translation\n\n - DNA-87382 Integrate scrolling to top of the feed with the existing scroll position restoration\n\n - DNA-87535 Sort out news on start page state\n\n - DNA-87588 Merge “Prevent pointer from being sent in the clear over SCTP” to desktop-stable-83-3686\n\n - Update to version 69.0.3686.57\n\n - DNA-86682 Title case in Russian translation\n\n - DNA-86807 Title case in O69 BR Portuguese translation\n\n - DNA-87104 Right click context menu becomes scrollable sometimes\n\n - DNA-87376 Search in tabs opens significantly slower in O69\n\n - DNA-87505 [Welcome Pages][Stats] Session stats for Welcome and Upgrade pages\n\n - DNA-87535 Sort out news on start page state", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-08-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : opera (openSUSE-2020-1148)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1148.NASL", "href": "https://www.tenable.com/plugins/nessus/139357", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1148.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139357);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\");\n\n script_name(english:\"openSUSE Security Update : opera (openSUSE-2020-1148)\");\n script_summary(english:\"Check for the openSUSE-2020-1148 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for opera fixes the following issues :\n\n - Update to version 70.0.3728.71\n\n - DNA-86267 Make `Recently closed tabs` appearance\n consistent with `Search for open tabs`.\n\n - DNA-86988 Opera 70 translations\n\n - DNA-87530 Zen news leads not loading\n\n - DNA-87636 Fix displaying folder icon for closed windows\n in recently closed list\n\n - DNA-87682 Replace Extensions icon in toolbar with icon\n from sidebar\n\n - DNA-87756 Extend chrome.sessions.getRecentlyClosed with\n information about last active tab in window.\n\n - DNA-87778 Crash at opera::InstantSearchViewViews::\n ~InstantSearchViewViews()\n\n - DNA-87815 Change affiliate links for AliExpress Search\n\n - Update to version 70.0.3728.59\n\n - CHR-8010 Update chromium on desktop-stable-84-3728 to\n 84.0.4147.89\n\n - DNA-87019 The video image does not respond to the\n pressing after closed the “Quit Opera?”\n dialog\n\n - DNA-87342 Fix right padding in settings > weather\n section\n\n - DNA-87427 Remove unneeded information from the\n requests’ diagnostics\n\n - DNA-87560 Crash at views::Widget::GetNativeView()\n\n - DNA-87561 Crash at CRYPTO_BUFFER_len\n\n - DNA-87599 Bypass VPN for default search engines\n doesn’t work\n\n - DNA-87611 Unittests fails on declarativeNetRequest and\n declarativeNetRequestFeedback permissions\n\n - DNA-87612 [Mac] Misaligned icon in address bar\n\n - DNA-87619 [Win/Lin] Misaligned icon in address bar\n\n - DNA-87716 [macOS/Windows] Crash when Search in tabs is\n open and Opera is minimized\n\n - DNA-87749 Crash at\n opera::InstantSearchSuggestionLineView::\n SetIsHighlighted(bool)\n\n - The update to chromium 84.0.4147.89 fixes following\n issues :\n\n - CVE-2020-6510, CVE-2020-6511, CVE-2020-6512,\n CVE-2020-6513, CVE-2020-6514, CVE-2020-6515,\n CVE-2020-6516, CVE-2020-6517, CVE-2020-6518,\n CVE-2020-6519, CVE-2020-6520, CVE-2020-6521,\n CVE-2020-6522, CVE-2020-6523, CVE-2020-6524,\n CVE-2020-6525, CVE-2020-6526, CVE-2020-6527,\n CVE-2020-6528, CVE-2020-6529, CVE-2020-6530,\n CVE-2020-6531, CVE-2020-6533, CVE-2020-6534,\n CVE-2020-6535, CVE-2020-6536\n\n - Complete Opera 70.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-70/\n\n - Update to version 69.0.3686.77\n\n - DNA-84207 New Yubikey enrollment is not working\n\n - DNA-87185 Lost translation\n\n - DNA-87382 Integrate scrolling to top of the feed with\n the existing scroll position restoration\n\n - DNA-87535 Sort out news on start page state\n\n - DNA-87588 Merge “Prevent pointer from being sent\n in the clear over SCTP” to desktop-stable-83-3686\n\n - Update to version 69.0.3686.57\n\n - DNA-86682 Title case in Russian translation\n\n - DNA-86807 Title case in O69 BR Portuguese translation\n\n - DNA-87104 Right click context menu becomes scrollable\n sometimes\n\n - DNA-87376 Search in tabs opens significantly slower in\n O69\n\n - DNA-87505 [Welcome Pages][Stats] Session stats for\n Welcome and Upgrade pages\n\n - DNA-87535 Sort out news on start page state\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.opera.com/desktop/changelog-for-70/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected opera package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"opera-70.0.3728.71-lp151.2.24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opera\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:40:07", "description": "This update for opera fixes the following issues :\n\n - Update to version 70.0.3728.71\n\n - DNA-86267 Make `Recently closed tabs` appearance consistent with `Search for open tabs`.\n\n - DNA-86988 Opera 70 translations\n\n - DNA-87530 Zen news leads not loading\n\n - DNA-87636 Fix displaying folder icon for closed windows in recently closed list\n\n - DNA-87682 Replace Extensions icon in toolbar with icon from sidebar\n\n - DNA-87756 Extend chrome.sessions.getRecentlyClosed with information about last active tab in window.\n\n - DNA-87778 Crash at opera::InstantSearchViewViews::\n ~InstantSearchViewViews()\n\n - DNA-87815 Change affiliate links for AliExpress Search\n\n - Update to version 70.0.3728.59\n\n - CHR-8010 Update chromium on desktop-stable-84-3728 to 84.0.4147.89\n\n - DNA-87019 The video image does not respond to the pressing after closed the “Quit Opera?”\n dialog\n\n - DNA-87342 Fix right padding in settings > weather section\n\n - DNA-87427 Remove unneeded information from the requests’ diagnostics\n\n - DNA-87560 Crash at views::Widget::GetNativeView()\n\n - DNA-87561 Crash at CRYPTO_BUFFER_len\n\n - DNA-87599 Bypass VPN for default search engines doesn’t work\n\n - DNA-87611 Unittests fails on declarativeNetRequest and declarativeNetRequestFeedback permissions\n\n - DNA-87612 [Mac] Misaligned icon in address bar\n\n - DNA-87619 [Win/Lin] Misaligned icon in address bar\n\n - DNA-87716 [macOS/Windows] Crash when Search in tabs is open and Opera is minimised\n\n - DNA-87749 Crash at opera::InstantSearchSuggestionLineView::\n SetIsHighlighted(bool)\n\n - The update to chromium 84.0.4147.89 fixes following issues :\n\n - CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513, CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517, CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521, CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525, CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529, CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534, CVE-2020-6535, CVE-2020-6536\n\n - Complete Opera 70.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-70/\n\n - Update to version 69.0.3686.77\n\n - DNA-84207 New Yubikey enrollment is not working\n\n - DNA-87185 Lost translation\n\n - DNA-87382 Integrate scrolling to top of the feed with the existing scroll position restoration\n\n - DNA-87535 Sort out news on startpage state\n\n - DNA-87588 Merge “Prevent pointer from being sent in the clear over SCTP” to desktop-stable-83-3686\n\n - Update to version 69.0.3686.57\n\n - DNA-86682 Title case in Russian translation\n\n - DNA-86807 Title case in O69 BR Portuguese translation\n\n - DNA-87104 Right click context menu becomes scrollable sometimes\n\n - DNA-87376 Search in tabs opens significantly slower in O69\n\n - DNA-87505 [Welcome Pages][Stats] Session stats for Welcome and Upgrade pages\n\n - DNA-87535 Sort out news on startpage state", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-08-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : opera (openSUSE-2020-1172)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1172.NASL", "href": "https://www.tenable.com/plugins/nessus/139450", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1172.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139450);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\");\n\n script_name(english:\"openSUSE Security Update : opera (openSUSE-2020-1172)\");\n script_summary(english:\"Check for the openSUSE-2020-1172 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for opera fixes the following issues :\n\n - Update to version 70.0.3728.71\n\n - DNA-86267 Make `Recently closed tabs` appearance\n consistent with `Search for open tabs`.\n\n - DNA-86988 Opera 70 translations\n\n - DNA-87530 Zen news leads not loading\n\n - DNA-87636 Fix displaying folder icon for closed windows\n in recently closed list\n\n - DNA-87682 Replace Extensions icon in toolbar with icon\n from sidebar\n\n - DNA-87756 Extend chrome.sessions.getRecentlyClosed with\n information about last active tab in window.\n\n - DNA-87778 Crash at opera::InstantSearchViewViews::\n ~InstantSearchViewViews()\n\n - DNA-87815 Change affiliate links for AliExpress Search\n\n - Update to version 70.0.3728.59\n\n - CHR-8010 Update chromium on desktop-stable-84-3728 to\n 84.0.4147.89\n\n - DNA-87019 The video image does not respond to the\n pressing after closed the “Quit Opera?”\n dialog\n\n - DNA-87342 Fix right padding in settings > weather\n section\n\n - DNA-87427 Remove unneeded information from the\n requests’ diagnostics\n\n - DNA-87560 Crash at views::Widget::GetNativeView()\n\n - DNA-87561 Crash at CRYPTO_BUFFER_len\n\n - DNA-87599 Bypass VPN for default search engines\n doesn’t work\n\n - DNA-87611 Unittests fails on declarativeNetRequest and\n declarativeNetRequestFeedback permissions\n\n - DNA-87612 [Mac] Misaligned icon in address bar\n\n - DNA-87619 [Win/Lin] Misaligned icon in address bar\n\n - DNA-87716 [macOS/Windows] Crash when Search in tabs is\n open and Opera is minimised\n\n - DNA-87749 Crash at\n opera::InstantSearchSuggestionLineView::\n SetIsHighlighted(bool)\n\n - The update to chromium 84.0.4147.89 fixes following\n issues :\n\n - CVE-2020-6510, CVE-2020-6511, CVE-2020-6512,\n CVE-2020-6513, CVE-2020-6514, CVE-2020-6515,\n CVE-2020-6516, CVE-2020-6517, CVE-2020-6518,\n CVE-2020-6519, CVE-2020-6520, CVE-2020-6521,\n CVE-2020-6522, CVE-2020-6523, CVE-2020-6524,\n CVE-2020-6525, CVE-2020-6526, CVE-2020-6527,\n CVE-2020-6528, CVE-2020-6529, CVE-2020-6530,\n CVE-2020-6531, CVE-2020-6533, CVE-2020-6534,\n CVE-2020-6535, CVE-2020-6536\n\n - Complete Opera 70.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-70/\n\n - Update to version 69.0.3686.77\n\n - DNA-84207 New Yubikey enrollment is not working\n\n - DNA-87185 Lost translation\n\n - DNA-87382 Integrate scrolling to top of the feed with\n the existing scroll position restoration\n\n - DNA-87535 Sort out news on startpage state\n\n - DNA-87588 Merge “Prevent pointer from being sent\n in the clear over SCTP” to desktop-stable-83-3686\n\n - Update to version 69.0.3686.57\n\n - DNA-86682 Title case in Russian translation\n\n - DNA-86807 Title case in O69 BR Portuguese translation\n\n - DNA-87104 Right click context menu becomes scrollable\n sometimes\n\n - DNA-87376 Search in tabs opens significantly slower in\n O69\n\n - DNA-87505 [Welcome Pages][Stats] Session stats for\n Welcome and Upgrade pages\n\n - DNA-87535 Sort out news on startpage state\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.opera.com/desktop/changelog-for-70/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected opera package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"opera-70.0.3728.71-lp152.2.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opera\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:40:23", "description": "Just enough time for one more update. \n\nChromium 84.\n\nFixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530 CVE-2020-6531 CVE-2020-6533 CVE-2020-6534 CVE-2020-6535 CVE-2020-6536\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-08-03T00:00:00", "type": "nessus", "title": "Fedora 31 : chromium (2020-84d87cbd50)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-84D87CBD50.NASL", "href": "https://www.tenable.com/plugins/nessus/139261", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-84d87cbd50.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139261);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\");\n script_xref(name:\"FEDORA\", value:\"2020-84d87cbd50\");\n\n script_name(english:\"Fedora 31 : chromium (2020-84d87cbd50)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Just enough time for one more update. \n\nChromium 84.\n\nFixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513\nCVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518\nCVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523\nCVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528\nCVE-2020-6529 CVE-2020-6530 CVE-2020-6531 CVE-2020-6533 CVE-2020-6534\nCVE-2020-6535 CVE-2020-6536\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-84d87cbd50\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"chromium-84.0.4147.89-1.fc31\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:37:24", "description": "Just enough time for one more update. \n\nChromium 84.\n\nFixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530 CVE-2020-6531 CVE-2020-6533 CVE-2020-6534 CVE-2020-6535 CVE-2020-6536\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "Fedora 32 : chromium (2020-bf684961d9)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:chromium", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-BF684961D9.NASL", "href": "https://www.tenable.com/plugins/nessus/139106", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-bf684961d9.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139106);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\");\n script_xref(name:\"FEDORA\", value:\"2020-bf684961d9\");\n\n script_name(english:\"Fedora 32 : chromium (2020-bf684961d9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Just enough time for one more update. \n\nChromium 84.\n\nFixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513\nCVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518\nCVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523\nCVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528\nCVE-2020-6529 CVE-2020-6530 CVE-2020-6531 CVE-2020-6533 CVE-2020-6534\nCVE-2020-6535 CVE-2020-6536\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-bf684961d9\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"chromium-84.0.4147.89-1.fc32\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromium\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:38:45", "description": "The version of Microsoft Edge (Chromium) installed on the remote Windows host is prior to 84.0.522.40. It is, therefore, affected by multiple vulnerabilities :\n\n - Heap-based buffer overflow in PDFium allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (CVE-2020-6513)\n\n - Use after free in tab strip allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2020-6515)\n\n - Out of bounds write in Skia allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2020-6523)\n\nIn addition, Microsoft Edge (Chromium) is also affected by several additional vulnerabilities including additional use-after-free vulnerabilities, multiple heap-based buffer overflow conditions, privilege escalation, type confusion, and insufficient policy enforcements.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-28T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 84.0.522.40 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1341", "CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_84_0_522_40.NASL", "href": "https://www.tenable.com/plugins/nessus/139034", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139034);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-1341\",\n \"CVE-2020-6510\",\n \"CVE-2020-6511\",\n \"CVE-2020-6512\",\n \"CVE-2020-6513\",\n \"CVE-2020-6514\",\n \"CVE-2020-6515\",\n \"CVE-2020-6516\",\n \"CVE-2020-6517\",\n \"CVE-2020-6518\",\n \"CVE-2020-6519\",\n \"CVE-2020-6520\",\n \"CVE-2020-6522\",\n \"CVE-2020-6523\",\n \"CVE-2020-6524\",\n \"CVE-2020-6525\",\n \"CVE-2020-6526\",\n \"CVE-2020-6527\",\n \"CVE-2020-6528\",\n \"CVE-2020-6529\",\n \"CVE-2020-6530\",\n \"CVE-2020-6531\",\n \"CVE-2020-6533\",\n \"CVE-2020-6534\",\n \"CVE-2020-6535\",\n \"CVE-2020-6536\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0302-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 84.0.522.40 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge (Chromium) installed on the remote Windows host is prior to 84.0.522.40. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - Heap-based buffer overflow in PDFium allowed a remote attacker to potentially exploit heap corruption via a\n crafted PDF file. (CVE-2020-6513)\n\n - Use after free in tab strip allowed a remote attacker to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2020-6515)\n\n - Out of bounds write in Skia allowed a remote attacker to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2020-6523)\n\nIn addition, Microsoft Edge (Chromium) is also affected by several additional vulnerabilities including additional\nuse-after-free vulnerabilities, multiple heap-based buffer overflow conditions, privilege escalation, type confusion,\nand insufficient policy enforcements.\");\n # https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200002\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b4f0f972\");\n # https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2ec7f076\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge (Chromium) 84.0.522.40 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-6522\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\n\nconstraints = [{ 'fixed_version' : '84.0.522.40' }];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:38:49", "description": "This update for chromium fixes the following issues :\n\n - Update to 84.0.4147.89 boo#1174189 :\n\n - Critical CVE-2020-6510: Heap buffer overflow in background fetch. \n\n - High CVE-2020-6511: Side-channel information leakage in content security policy. \n\n - High CVE-2020-6512: Type Confusion in V8. \n\n - High CVE-2020-6513: Heap buffer overflow in PDFium. \n\n - High CVE-2020-6514: Inappropriate implementation in WebRTC. \n\n - High CVE-2020-6515: Use after free in tab strip. \n\n - High CVE-2020-6516: Policy bypass in CORS. \n\n - High CVE-2020-6517: Heap buffer overflow in history. \n\n - Medium CVE-2020-6518: Use after free in developer tools. \n\n - Medium CVE-2020-6519: Policy bypass in CSP. \n\n - Medium CVE-2020-6520: Heap buffer overflow in Skia. \n\n - Medium CVE-2020-6521: Side-channel information leakage in autofill.\n\n - Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. \n\n - Medium CVE-2020-6523: Out of bounds write in Skia. \n\n - Medium CVE-2020-6524: Heap buffer overflow in WebAudio. \n\n - Medium CVE-2020-6525: Heap buffer overflow in Skia. \n\n - Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. \n\n - Low CVE-2020-6527: Insufficient policy enforcement in CSP. \n\n - Low CVE-2020-6528: Incorrect security UI in basic auth. \n\n - Low CVE-2020-6529: Inappropriate implementation in WebRTC. \n\n - Low CVE-2020-6530: Out of bounds memory access in developer tools. \n\n - Low CVE-2020-6531: Side-channel information leakage in scroll to text. \n\n - Low CVE-2020-6533: Type Confusion in V8. \n\n - Low CVE-2020-6534: Heap buffer overflow in WebRTC. \n\n - Low CVE-2020-6535: Insufficient data validation in WebUI. \n\n - Low CVE-2020-6536: Incorrect security UI in PWAs.\n\n - Use bundled xcb-proto as we need to generate py2 bindings\n\n - Try to fix non-wayland build for Leap builds", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-2020-1021)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1021.NASL", "href": "https://www.tenable.com/plugins/nessus/138788", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1021.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138788);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2020-1021)\");\n script_summary(english:\"Check for the openSUSE-2020-1021 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for chromium fixes the following issues :\n\n - Update to 84.0.4147.89 boo#1174189 :\n\n - Critical CVE-2020-6510: Heap buffer overflow in\n background fetch. \n\n - High CVE-2020-6511: Side-channel information leakage in\n content security policy. \n\n - High CVE-2020-6512: Type Confusion in V8. \n\n - High CVE-2020-6513: Heap buffer overflow in PDFium. \n\n - High CVE-2020-6514: Inappropriate implementation in\n WebRTC. \n\n - High CVE-2020-6515: Use after free in tab strip. \n\n - High CVE-2020-6516: Policy bypass in CORS. \n\n - High CVE-2020-6517: Heap buffer overflow in history. \n\n - Medium CVE-2020-6518: Use after free in developer tools. \n\n - Medium CVE-2020-6519: Policy bypass in CSP. \n\n - Medium CVE-2020-6520: Heap buffer overflow in Skia. \n\n - Medium CVE-2020-6521: Side-channel information leakage\n in autofill.\n\n - Medium CVE-2020-6522: Inappropriate implementation in\n external protocol handlers. \n\n - Medium CVE-2020-6523: Out of bounds write in Skia. \n\n - Medium CVE-2020-6524: Heap buffer overflow in WebAudio. \n\n - Medium CVE-2020-6525: Heap buffer overflow in Skia. \n\n - Low CVE-2020-6526: Inappropriate implementation in\n iframe sandbox. \n\n - Low CVE-2020-6527: Insufficient policy enforcement in\n CSP. \n\n - Low CVE-2020-6528: Incorrect security UI in basic auth. \n\n - Low CVE-2020-6529: Inappropriate implementation in\n WebRTC. \n\n - Low CVE-2020-6530: Out of bounds memory access in\n developer tools. \n\n - Low CVE-2020-6531: Side-channel information leakage in\n scroll to text. \n\n - Low CVE-2020-6533: Type Confusion in V8. \n\n - Low CVE-2020-6534: Heap buffer overflow in WebRTC. \n\n - Low CVE-2020-6535: Insufficient data validation in\n WebUI. \n\n - Low CVE-2020-6536: Incorrect security UI in PWAs.\n\n - Use bundled xcb-proto as we need to generate py2\n bindings\n\n - Try to fix non-wayland build for Leap builds\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174189\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromedriver-84.0.4147.89-lp151.2.109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromedriver-debuginfo-84.0.4147.89-lp151.2.109.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromium-84.0.4147.89-lp151.2.109.1\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromium-debuginfo-84.0.4147.89-lp151.2.109.1\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"chromium-debugsource-84.0.4147.89-lp151.2.109.1\", allowmaj:TRUE) ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:37:56", "description": "This update for chromium fixes the following issues :\n\n - Update to 84.0.4147.89 boo#1174189 :\n\n - Critical CVE-2020-6510: Heap buffer overflow in background fetch. \n\n - High CVE-2020-6511: Side-channel information leakage in content security policy. \n\n - High CVE-2020-6512: Type Confusion in V8. \n\n - High CVE-2020-6513: Heap buffer overflow in PDFium. \n\n - High CVE-2020-6514: Inappropriate implementation in WebRTC. \n\n - High CVE-2020-6515: Use after free in tab strip. \n\n - High CVE-2020-6516: Policy bypass in CORS. \n\n - High CVE-2020-6517: Heap buffer overflow in history. \n\n - Medium CVE-2020-6518: Use after free in developer tools. \n\n - Medium CVE-2020-6519: Policy bypass in CSP. \n\n - Medium CVE-2020-6520: Heap buffer overflow in Skia. \n\n - Medium CVE-2020-6521: Side-channel information leakage in autofill.\n\n - Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. \n\n - Medium CVE-2020-6523: Out of bounds write in Skia. \n\n - Medium CVE-2020-6524: Heap buffer overflow in WebAudio. \n\n - Medium CVE-2020-6525: Heap buffer overflow in Skia. \n\n - Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. \n\n - Low CVE-2020-6527: Insufficient policy enforcement in CSP. \n\n - Low CVE-2020-6528: Incorrect security UI in basic auth. \n\n - Low CVE-2020-6529: Inappropriate implementation in WebRTC. \n\n - Low CVE-2020-6530: Out of bounds memory access in developer tools. \n\n - Low CVE-2020-6531: Side-channel information leakage in scroll to text. \n\n - Low CVE-2020-6533: Type Confusion in V8. \n\n - Low CVE-2020-6534: Heap buffer overflow in WebRTC. \n\n - Low CVE-2020-6535: Insufficient data validation in WebUI. \n\n - Low CVE-2020-6536: Incorrect security UI in PWAs.\n\n - Use bundled xcb-proto as we need to generate py2 bindings\n\n - Try to fix non-wayland build for Leap builds", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : chromium (openSUSE-2020-1020)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromedriver-debuginfo", "p-cpe:/a:novell:opensuse:chromium", "p-cpe:/a:novell:opensuse:chromium-debuginfo", "p-cpe:/a:novell:opensuse:chromium-debugsource", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1020.NASL", "href": "https://www.tenable.com/plugins/nessus/138787", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1020.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138787);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\");\n\n script_name(english:\"openSUSE Security Update : chromium (openSUSE-2020-1020)\");\n script_summary(english:\"Check for the openSUSE-2020-1020 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for chromium fixes the following issues :\n\n - Update to 84.0.4147.89 boo#1174189 :\n\n - Critical CVE-2020-6510: Heap buffer overflow in\n background fetch. \n\n - High CVE-2020-6511: Side-channel information leakage in\n content security policy. \n\n - High CVE-2020-6512: Type Confusion in V8. \n\n - High CVE-2020-6513: Heap buffer overflow in PDFium. \n\n - High CVE-2020-6514: Inappropriate implementation in\n WebRTC. \n\n - High CVE-2020-6515: Use after free in tab strip. \n\n - High CVE-2020-6516: Policy bypass in CORS. \n\n - High CVE-2020-6517: Heap buffer overflow in history. \n\n - Medium CVE-2020-6518: Use after free in developer tools. \n\n - Medium CVE-2020-6519: Policy bypass in CSP. \n\n - Medium CVE-2020-6520: Heap buffer overflow in Skia. \n\n - Medium CVE-2020-6521: Side-channel information leakage\n in autofill.\n\n - Medium CVE-2020-6522: Inappropriate implementation in\n external protocol handlers. \n\n - Medium CVE-2020-6523: Out of bounds write in Skia. \n\n - Medium CVE-2020-6524: Heap buffer overflow in WebAudio. \n\n - Medium CVE-2020-6525: Heap buffer overflow in Skia. \n\n - Low CVE-2020-6526: Inappropriate implementation in\n iframe sandbox. \n\n - Low CVE-2020-6527: Insufficient policy enforcement in\n CSP. \n\n - Low CVE-2020-6528: Incorrect security UI in basic auth. \n\n - Low CVE-2020-6529: Inappropriate implementation in\n WebRTC. \n\n - Low CVE-2020-6530: Out of bounds memory access in\n developer tools. \n\n - Low CVE-2020-6531: Side-channel information leakage in\n scroll to text. \n\n - Low CVE-2020-6533: Type Confusion in V8. \n\n - Low CVE-2020-6534: Heap buffer overflow in WebRTC. \n\n - Low CVE-2020-6535: Insufficient data validation in\n WebUI. \n\n - Low CVE-2020-6536: Incorrect security UI in PWAs.\n\n - Use bundled xcb-proto as we need to generate py2\n bindings\n\n - Try to fix non-wayland build for Leap builds\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174189\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected chromium packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromedriver-84.0.4147.89-lp152.2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromedriver-debuginfo-84.0.4147.89-lp152.2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromium-84.0.4147.89-lp152.2.6.2\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromium-debuginfo-84.0.4147.89-lp152.2.6.2\", allowmaj:TRUE) ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"chromium-debugsource-84.0.4147.89-lp152.2.6.2\", allowmaj:TRUE) ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"chromedriver / chromedriver-debuginfo / chromium / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:37:02", "description": "The version of Google Chrome installed on the remote Windows host is prior to 84.0.4147.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-14T00:00:00", "type": "nessus", "title": "Google Chrome < 84.0.4147.89 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_84_0_4147_89.NASL", "href": "https://www.tenable.com/plugins/nessus/138449", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138449);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-6510\",\n \"CVE-2020-6511\",\n \"CVE-2020-6512\",\n \"CVE-2020-6513\",\n \"CVE-2020-6514\",\n \"CVE-2020-6515\",\n \"CVE-2020-6516\",\n \"CVE-2020-6517\",\n \"CVE-2020-6518\",\n \"CVE-2020-6519\",\n \"CVE-2020-6520\",\n \"CVE-2020-6521\",\n \"CVE-2020-6522\",\n \"CVE-2020-6523\",\n \"CVE-2020-6524\",\n \"CVE-2020-6525\",\n \"CVE-2020-6526\",\n \"CVE-2020-6527\",\n \"CVE-2020-6528\",\n \"CVE-2020-6529\",\n \"CVE-2020-6530\",\n \"CVE-2020-6531\",\n \"CVE-2020-6533\",\n \"CVE-2020-6534\",\n \"CVE-2020-6535\",\n \"CVE-2020-6536\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0314-S\");\n\n script_name(english:\"Google Chrome < 84.0.4147.89 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 84.0.4147.89. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop advisory. Note that Nessus\nhas not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1095560\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/986051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1064676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1092274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1075734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1052093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1081722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1091670\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1074340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/992698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1063690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/978779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1016278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1042986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1069964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1072412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1073409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080934\");\n # https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?96792814\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1103195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1074317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1084820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1091404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1076703\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1082755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1092449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1095560\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/986051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1064676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1092274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1075734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1052093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1081722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1091670\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1074340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/992698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1063690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/978779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1016278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1042986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1069964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1072412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1073409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080934\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 84.0.4147.89 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-6522\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\ninstalls = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'84.0.4147.89', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:37:26", "description": "The version of Google Chrome installed on the remote macOS host is prior to 84.0.4147.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-14T00:00:00", "type": "nessus", "title": "Google Chrome < 84.0.4147.89 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_84_0_4147_89.NASL", "href": "https://www.tenable.com/plugins/nessus/138448", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138448);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-6510\",\n \"CVE-2020-6511\",\n \"CVE-2020-6512\",\n \"CVE-2020-6513\",\n \"CVE-2020-6514\",\n \"CVE-2020-6515\",\n \"CVE-2020-6516\",\n \"CVE-2020-6517\",\n \"CVE-2020-6518\",\n \"CVE-2020-6519\",\n \"CVE-2020-6520\",\n \"CVE-2020-6521\",\n \"CVE-2020-6522\",\n \"CVE-2020-6523\",\n \"CVE-2020-6524\",\n \"CVE-2020-6525\",\n \"CVE-2020-6526\",\n \"CVE-2020-6527\",\n \"CVE-2020-6528\",\n \"CVE-2020-6529\",\n \"CVE-2020-6530\",\n \"CVE-2020-6531\",\n \"CVE-2020-6533\",\n \"CVE-2020-6534\",\n \"CVE-2020-6535\",\n \"CVE-2020-6536\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0314-S\");\n\n script_name(english:\"Google Chrome < 84.0.4147.89 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 84.0.4147.89. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2020_07_stable-channel-update-for-desktop advisory. Note that Nessus has\nnot tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1095560\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/986051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1064676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1092274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1075734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1052093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1081722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1091670\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1074340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/992698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1063690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/978779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1016278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1042986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1069964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1072412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1073409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080934\");\n # https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?96792814\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1103195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1074317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1084820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1091404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1076703\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1082755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1092449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1095560\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/986051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1064676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1092274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1075734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1052093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1081722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1091670\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1074340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/992698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1063690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/978779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1016278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1042986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1069964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1072412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1073409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1080934\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 84.0.4147.89 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-6522\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'84.0.4147.89', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:38:17", "description": "Chrome Releases reports :\n\nThis update contains 38 security fixes, including :\n\n- [1103195] Critical CVE-2020-6510: Heap buffer overflow in background fetch. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-07-08\n\n- [1074317] High CVE-2020-6511: Side-channel information leakage in content security policy. Reported by Mikhail Oblozhikhin on 2020-04-24\n\n- [1084820] High CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu of WeChat Open Platform Security Team on 2020-05-20\n\n- [1091404] High CVE-2020-6513: Heap buffer overflow in PDFium.\nReported by Aleksandar Nikolic of Cisco Talos on 2020-06-04\n\n- [1076703] High CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-04-30\n\n- [1082755] High CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA on 2020-05-14\n\n- [1092449] High CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-08\n\n- [1095560] High CVE-2020-6517: Heap buffer overflow in history.\nReported by ZeKai Wu (@hellowuzekai) of Tencent Security Xuanwu Lab on 2020-06-16\n\n- [986051] Medium CVE-2020-6518: Use after free in developer tools.\nReported by David Erceg on 2019-07-20\n\n- [1064676] Medium CVE-2020-6519: Policy bypass in CSP. Reported by Gal Weizman (@WeizmanGal) of PerimeterX on 2020-03-25\n\n- [1092274] Medium CVE-2020-6520: Heap buffer overflow in Skia.\nReported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08\n\n- [1075734] Medium CVE-2020-6521: Side-channel information leakage in autofill. Reported by Xu Lin (University of Illinois at Chicago), Panagiotis Ilia (University of Illinois at Chicago), Jason Polakis (University of Illinois at Chicago) on 2020-04-27\n\n- [1052093] Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. Reported by Eric Lawrence of Microsoft on 2020-02-13\n\n- [1080481] Medium CVE-2020-6523: Out of bounds write in Skia.\nReported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on 2020-05-08\n\n- [1081722] Medium CVE-2020-6524: Heap buffer overflow in WebAudio.\nReported by Sung Ta (@Mipu94) of SEFCOM Lab, Arizona State University on 2020-05-12\n\n- [1091670] Medium CVE-2020-6525: Heap buffer overflow in Skia.\nReported by Zhen Zhou of NSFOCUS Security Team on 2020-06-05\n\n- [1074340] Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported by Jonathan Kingston on 2020-04-24\n\n- [992698] Low CVE-2020-6527: Insufficient policy enforcement in CSP.\nReported by Zhong Zhaochen of andsecurity.cn on 2019-08-10\n\n- [1063690] Low CVE-2020-6528: Incorrect security UI in basic auth.\nReported by Rayyan Bijoora on 2020-03-22\n\n- [978779] Low CVE-2020-6529: Inappropriate implementation in WebRTC.\nReported by kaustubhvats7 on 2019-06-26\n\n- [1016278] Low CVE-2020-6530: Out of bounds memory access in developer tools. Reported by myvyang on 2019-10-21\n\n- [1042986] Low CVE-2020-6531: Side-channel information leakage in scroll to text. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-01-17\n\n- [1069964] Low CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-04-11\n\n- [1072412] Low CVE-2020-6534: Heap buffer overflow in WebRTC.\nReported by Anonymous on 2020-04-20\n\n- [1073409] Low CVE-2020-6535: Insufficient data validation in WebUI.\nReported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-22\n\n- [1080934] Low CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng of Tencent security platform department on 2020-05-09", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-16T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (870d59b0-c6c4-11ea-8015-e09467587c17)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_870D59B0C6C411EA8015E09467587C17.NASL", "href": "https://www.tenable.com/plugins/nessus/138537", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138537);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-6510\",\n \"CVE-2020-6511\",\n \"CVE-2020-6512\",\n \"CVE-2020-6513\",\n \"CVE-2020-6514\",\n \"CVE-2020-6515\",\n \"CVE-2020-6516\",\n \"CVE-2020-6517\",\n \"CVE-2020-6518\",\n \"CVE-2020-6519\",\n \"CVE-2020-6520\",\n \"CVE-2020-6521\",\n \"CVE-2020-6522\",\n \"CVE-2020-6523\",\n \"CVE-2020-6524\",\n \"CVE-2020-6525\",\n \"CVE-2020-6526\",\n \"CVE-2020-6527\",\n \"CVE-2020-6528\",\n \"CVE-2020-6529\",\n \"CVE-2020-6530\",\n \"CVE-2020-6531\",\n \"CVE-2020-6533\",\n \"CVE-2020-6534\",\n \"CVE-2020-6535\",\n \"CVE-2020-6536\"\n );\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (870d59b0-c6c4-11ea-8015-e09467587c17)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Chrome Releases reports :\n\nThis update contains 38 security fixes, including :\n\n- [1103195] Critical CVE-2020-6510: Heap buffer overflow in background\nfetch. Reported by Leecraso and Guang Gong of 360 Alpha Lab working\nwith 360 BugCloud on 2020-07-08\n\n- [1074317] High CVE-2020-6511: Side-channel information leakage in\ncontent security policy. Reported by Mikhail Oblozhikhin on 2020-04-24\n\n- [1084820] High CVE-2020-6512: Type Confusion in V8. Reported by\nnocma, leogan, cheneyxu of WeChat Open Platform Security Team on\n2020-05-20\n\n- [1091404] High CVE-2020-6513: Heap buffer overflow in PDFium.\nReported by Aleksandar Nikolic of Cisco Talos on 2020-06-04\n\n- [1076703] High CVE-2020-6514: Inappropriate implementation in\nWebRTC. Reported by Natalie Silvanovich of Google Project Zero on\n2020-04-30\n\n- [1082755] High CVE-2020-6515: Use after free in tab strip. Reported\nby DDV_UA on 2020-05-14\n\n- [1092449] High CVE-2020-6516: Policy bypass in CORS. Reported by\nYongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security\nXuanwu Lab on 2020-06-08\n\n- [1095560] High CVE-2020-6517: Heap buffer overflow in history.\nReported by ZeKai Wu (@hellowuzekai) of Tencent Security Xuanwu Lab on\n2020-06-16\n\n- [986051] Medium CVE-2020-6518: Use after free in developer tools.\nReported by David Erceg on 2019-07-20\n\n- [1064676] Medium CVE-2020-6519: Policy bypass in CSP. Reported by\nGal Weizman (@WeizmanGal) of PerimeterX on 2020-03-25\n\n- [1092274] Medium CVE-2020-6520: Heap buffer overflow in Skia.\nReported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08\n\n- [1075734] Medium CVE-2020-6521: Side-channel information leakage in\nautofill. Reported by Xu Lin (University of Illinois at Chicago),\nPanagiotis Ilia (University of Illinois at Chicago), Jason Polakis\n(University of Illinois at Chicago) on 2020-04-27\n\n- [1052093] Medium CVE-2020-6522: Inappropriate implementation in\nexternal protocol handlers. Reported by Eric Lawrence of Microsoft on\n2020-02-13\n\n- [1080481] Medium CVE-2020-6523: Out of bounds write in Skia.\nReported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on\n2020-05-08\n\n- [1081722] Medium CVE-2020-6524: Heap buffer overflow in WebAudio.\nReported by Sung Ta (@Mipu94) of SEFCOM Lab, Arizona State University\non 2020-05-12\n\n- [1091670] Medium CVE-2020-6525: Heap buffer overflow in Skia.\nReported by Zhen Zhou of NSFOCUS Security Team on 2020-06-05\n\n- [1074340] Low CVE-2020-6526: Inappropriate implementation in iframe\nsandbox. Reported by Jonathan Kingston on 2020-04-24\n\n- [992698] Low CVE-2020-6527: Insufficient policy enforcement in CSP.\nReported by Zhong Zhaochen of andsecurity.cn on 2019-08-10\n\n- [1063690] Low CVE-2020-6528: Incorrect security UI in basic auth.\nReported by Rayyan Bijoora on 2020-03-22\n\n- [978779] Low CVE-2020-6529: Inappropriate implementation in WebRTC.\nReported by kaustubhvats7 on 2019-06-26\n\n- [1016278] Low CVE-2020-6530: Out of bounds memory access in\ndeveloper tools. Reported by myvyang on 2019-10-21\n\n- [1042986] Low CVE-2020-6531: Side-channel information leakage in\nscroll to text. Reported by Jun Kokatsu, Microsoft Browser\nVulnerability Research on 2020-01-17\n\n- [1069964] Low CVE-2020-6533: Type Confusion in V8. Reported by\nAvihay Cohen @ SeraphicAlgorithms on 2020-04-11\n\n- [1072412] Low CVE-2020-6534: Heap buffer overflow in WebRTC.\nReported by Anonymous on 2020-04-20\n\n- [1073409] Low CVE-2020-6535: Insufficient data validation in WebUI.\nReported by Jun Kokatsu, Microsoft Browser Vulnerability Research on\n2020-04-22\n\n- [1080934] Low CVE-2020-6536: Incorrect security UI in PWAs. Reported\nby Zhiyang Zeng of Tencent security platform department on 2020-05-09\");\n # https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?96792814\");\n # https://vuxml.freebsd.org/freebsd/870d59b0-c6c4-11ea-8015-e09467587c17.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?409aa410\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-6522\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<84.0.4147.89\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:15:44", "description": "The remote host is affected by the vulnerability described in GLSA-202007-08 (Chromium, Google Chrome: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "GLSA-202007-08 : Chromium, Google Chrome: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6505", "CVE-2020-6506", "CVE-2020-6507", "CVE-2020-6509", "CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "p-cpe:/a:gentoo:linux:google-chrome", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202007-08.NASL", "href": "https://www.tenable.com/plugins/nessus/138931", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-08.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138931);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-6505\", \"CVE-2020-6506\", \"CVE-2020-6507\", \"CVE-2020-6509\", \"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\");\n script_xref(name:\"GLSA\", value:\"202007-08\");\n\n script_name(english:\"GLSA-202007-08 : Chromium, Google Chrome: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-08\n(Chromium, Google Chrome: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Chromium and Google\n Chrome. Please review the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-08\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Chromium users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/chromium-84.0.4147.89'\n All Google Chrome users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-client/google-chrome-84.0.4147.89'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:google-chrome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/chromium\", unaffected:make_list(\"ge 84.0.4147.89\"), vulnerable:make_list(\"lt 84.0.4147.89\"))) flag++;\nif (qpkg_check(package:\"www-client/google-chrome\", unaffected:make_list(\"ge 84.0.4147.89\"), vulnerable:make_list(\"lt 84.0.4147.89\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / Google Chrome\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:42:12", "description": "The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3377 advisory.\n\n - chromium-browser: Heap buffer overflow in background fetch (CVE-2020-6510)\n\n - chromium-browser: Side-channel information leakage in content security policy (CVE-2020-6511)\n\n - chromium-browser: Type Confusion in V8 (CVE-2020-6512, CVE-2020-6533, CVE-2020-6537)\n\n - chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)\n\n - chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514, CVE-2020-6529)\n\n - chromium-browser: Use after free in tab strip (CVE-2020-6515)\n\n - chromium-browser: Policy bypass in CORS (CVE-2020-6516)\n\n - chromium-browser: Heap buffer overflow in history (CVE-2020-6517)\n\n - chromium-browser: Use after free in developer tools (CVE-2020-6518)\n\n - chromium-browser: Policy bypass in CSP (CVE-2020-6519)\n\n - chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520, CVE-2020-6525, CVE-2020-6540)\n\n - chromium-browser: Side-channel information leakage in autofill (CVE-2020-6521)\n\n - chromium-browser: Inappropriate implementation in external protocol handlers (CVE-2020-6522)\n\n - chromium-browser: Out of bounds write in Skia (CVE-2020-6523)\n\n - chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)\n\n - chromium-browser: Inappropriate implementation in iframe sandbox (CVE-2020-6526)\n\n - chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)\n\n - chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)\n\n - chromium-browser: Out of bounds memory access in developer tools (CVE-2020-6530)\n\n - chromium-browser: Side-channel information leakage in scroll to text (CVE-2020-6531)\n\n - chromium-browser: Use after free in SCTP (CVE-2020-6532)\n\n - chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)\n\n - chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)\n\n - chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)\n\n - chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)\n\n - chromium-browser: Use after free in CSS (CVE-2020-6539)\n\n - chromium-browser: Use after free in WebUSB (CVE-2020-6541)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-08-10T00:00:00", "type": "nessus", "title": "RHEL 6 : chromium-browser (RHSA-2020:3377)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6532", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536", "CVE-2020-6537", "CVE-2020-6538", "CVE-2020-6539", "CVE-2020-6540", "CVE-2020-6541"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:6.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:chromium-browser:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_els:6:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-3377.NASL", "href": "https://www.tenable.com/plugins/nessus/139467", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3377. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139467);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-6510\",\n \"CVE-2020-6511\",\n \"CVE-2020-6512\",\n \"CVE-2020-6513\",\n \"CVE-2020-6514\",\n \"CVE-2020-6515\",\n \"CVE-2020-6516\",\n \"CVE-2020-6517\",\n \"CVE-2020-6518\",\n \"CVE-2020-6519\",\n \"CVE-2020-6520\",\n \"CVE-2020-6521\",\n \"CVE-2020-6522\",\n \"CVE-2020-6523\",\n \"CVE-2020-6524\",\n \"CVE-2020-6525\",\n \"CVE-2020-6526\",\n \"CVE-2020-6527\",\n \"CVE-2020-6528\",\n \"CVE-2020-6529\",\n \"CVE-2020-6530\",\n \"CVE-2020-6531\",\n \"CVE-2020-6532\",\n \"CVE-2020-6533\",\n \"CVE-2020-6534\",\n \"CVE-2020-6535\",\n \"CVE-2020-6536\",\n \"CVE-2020-6537\",\n \"CVE-2020-6538\",\n \"CVE-2020-6539\",\n \"CVE-2020-6540\",\n \"CVE-2020-6541\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3377\");\n script_xref(name:\"IAVA\", value:\"2020-A-0314-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0342-S\");\n\n script_name(english:\"RHEL 6 : chromium-browser (RHSA-2020:3377)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3377 advisory.\n\n - chromium-browser: Heap buffer overflow in background fetch (CVE-2020-6510)\n\n - chromium-browser: Side-channel information leakage in content security policy (CVE-2020-6511)\n\n - chromium-browser: Type Confusion in V8 (CVE-2020-6512, CVE-2020-6533, CVE-2020-6537)\n\n - chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)\n\n - chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514, CVE-2020-6529)\n\n - chromium-browser: Use after free in tab strip (CVE-2020-6515)\n\n - chromium-browser: Policy bypass in CORS (CVE-2020-6516)\n\n - chromium-browser: Heap buffer overflow in history (CVE-2020-6517)\n\n - chromium-browser: Use after free in developer tools (CVE-2020-6518)\n\n - chromium-browser: Policy bypass in CSP (CVE-2020-6519)\n\n - chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520, CVE-2020-6525, CVE-2020-6540)\n\n - chromium-browser: Side-channel information leakage in autofill (CVE-2020-6521)\n\n - chromium-browser: Inappropriate implementation in external protocol handlers (CVE-2020-6522)\n\n - chromium-browser: Out of bounds write in Skia (CVE-2020-6523)\n\n - chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)\n\n - chromium-browser: Inappropriate implementation in iframe sandbox (CVE-2020-6526)\n\n - chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)\n\n - chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)\n\n - chromium-browser: Out of bounds memory access in developer tools (CVE-2020-6530)\n\n - chromium-browser: Side-channel information leakage in scroll to text (CVE-2020-6531)\n\n - chromium-browser: Use after free in SCTP (CVE-2020-6532)\n\n - chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)\n\n - chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)\n\n - chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)\n\n - chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)\n\n - chromium-browser: Use after free in CSS (CVE-2020-6539)\n\n - chromium-browser: Use after free in WebUSB (CVE-2020-6541)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6515\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6520\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6524\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6525\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6526\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6529\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6530\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6531\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6537\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6538\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6539\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-6541\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3377\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857320\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857326\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857327\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857328\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857329\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857330\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857334\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857337\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857339\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857341\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857342\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857349\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857351\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857400\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861464\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861469\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromium-browser package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6524\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-6522\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(122, 358, 416, 843);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_els:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:chromium-browser\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/6/6Client/i386/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/os',\n 'content/dist/rhel/client/6/6Client/i386/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/os',\n 'content/dist/rhel/client/6/6Client/i386/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/os',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/os',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/os',\n 'content/dist/rhel/client/6/6Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/os',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/optional/debug',\n 'content/dist/rhel/server/6/6Server/i386/optional/os',\n 'content/dist/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/os',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/os',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/os',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/os',\n 'content/els/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/os',\n 'content/els/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/os',\n 'content/els/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/debug',\n 'content/fastrack/rhel/client/6/i386/optional/debug',\n 'content/fastrack/rhel/client/6/i386/optional/os',\n 'content/fastrack/rhel/client/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/os',\n 'content/fastrack/rhel/client/6/i386/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/os',\n 'content/fastrack/rhel/client/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/os',\n 'content/fastrack/rhel/client/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/os',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/os',\n 'content/fastrack/rhel/server/6/i386/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/os',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/optional/debug',\n 'content/fastrack/rhel/server/6/i386/optional/os',\n 'content/fastrack/rhel/server/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/server/6/x86_64/hpn/os',\n 'content/fastrack/rhel/server/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/os',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/optional/debug',\n 'content/fastrack/rhel/server/6/x86_64/optional/os',\n 'content/fastrack/rhel/server/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/os',\n 'content/fastrack/rhel/workstation/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/os',\n 'content/fastrack/rhel/workstation/6/i386/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'chromium-browser-84.0.4147.105-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'chromium-browser-84.0.4147.105-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium-browser');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-05T14:29:28", "description": "Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-01-04T00:00:00", "type": "nessus", "title": "Debian DSA-4824-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15959", "CVE-2020-15960", "CVE-2020-15961", "CVE-2020-15962", "CVE-2020-15963", "CVE-2020-15964", "CVE-2020-15965", "CVE-2020-15966", "CVE-2020-15967", "CVE-2020-15968", "CVE-2020-15969", "CVE-2020-15970", "CVE-2020-15971", "CVE-2020-15972", "CVE-2020-15973", "CVE-2020-15974", "CVE-2020-15975", "CVE-2020-15976", "CVE-2020-15977", "CVE-2020-15978", "CVE-2020-15979", "CVE-2020-15980", "CVE-2020-15981", "CVE-2020-15982", "CVE-2020-15983", "CVE-2020-15984", "CVE-2020-15985", "CVE-2020-15986", "CVE-2020-15987", "CVE-2020-15988", "CVE-2020-15989", "CVE-2020-15990", "CVE-2020-15991", "CVE-2020-15992", "CVE-2020-15999", "CVE-2020-16000", "CVE-2020-16001", "CVE-2020-16002", "CVE-2020-16003", "CVE-2020-16004", "CVE-2020-16005", "CVE-2020-16006", "CVE-2020-16007", "CVE-2020-16008", "CVE-2020-16009", "CVE-2020-16011", "CVE-2020-16012", "CVE-2020-16013", "CVE-2020-16014", "CVE-2020-16015", "CVE-2020-16016", "CVE-2020-16017", "CVE-2020-16018", "CVE-2020-16019", "CVE-2020-16020", "CVE-2020-16021", "CVE-2020-16022", "CVE-2020-16023", "CVE-2020-16024", "CVE-2020-16025", "CVE-2020-16026", "CVE-2020-16027", "CVE-2020-16028", "CVE-2020-16029", "CVE-2020-16030", "CVE-2020-16031", "CVE-2020-16032", "CVE-2020-16033", "CVE-2020-16034", "CVE-2020-16035", "CVE-2020-16036", "CVE-2020-16037", "CVE-2020-16038", "CVE-2020-16039", "CVE-2020-16040", "CVE-2020-16041", "CVE-2020-16042", "CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6532", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536", "CVE-2020-6537", "CVE-2020-6538", "CVE-2020-6539", "CVE-2020-6540", "CVE-2020-6541", "CVE-2020-6542", "CVE-2020-6543", "CVE-2020-6544", "CVE-2020-6545", "CVE-2020-6546", "CVE-2020-6547", "CVE-2020-6548", "CVE-2020-6549", "CVE-2020-6550", "CVE-2020-6551", "CVE-2020-6552", "CVE-2020-6553", "CVE-2020-6554", "CVE-2020-6555", "CVE-2020-6556", "CVE-2020-6557", "CVE-2020-6558", "CVE-2020-6559", "CVE-2020-6560", "CVE-2020-6561", "CVE-2020-6562", "CVE-2020-6563", "CVE-2020-6564", "CVE-2020-6565", "CVE-2020-6566", "CVE-2020-6567", "CVE-2020-6568", "CVE-2020-6569", "CVE-2020-6570", "CVE-2020-6571", "CVE-2020-6573", "CVE-2020-6574", "CVE-2020-6575", "CVE-2020-6576"], "modified": "2022-12-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4824.NASL", "href": "https://www.tenable.com/plugins/nessus/144672", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4824. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144672);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/08\");\n\n script_cve_id(\"CVE-2020-15959\", \"CVE-2020-15960\", \"CVE-2020-15961\", \"CVE-2020-15962\", \"CVE-2020-15963\", \"CVE-2020-15964\", \"CVE-2020-15965\", \"CVE-2020-15966\", \"CVE-2020-15967\", \"CVE-2020-15968\", \"CVE-2020-15969\", \"CVE-2020-15970\", \"CVE-2020-15971\", \"CVE-2020-15972\", \"CVE-2020-15973\", \"CVE-2020-15974\", \"CVE-2020-15975\", \"CVE-2020-15976\", \"CVE-2020-15977\", \"CVE-2020-15978\", \"CVE-2020-15979\", \"CVE-2020-15980\", \"CVE-2020-15981\", \"CVE-2020-15982\", \"CVE-2020-15983\", \"CVE-2020-15984\", \"CVE-2020-15985\", \"CVE-2020-15986\", \"CVE-2020-15987\", \"CVE-2020-15988\", \"CVE-2020-15989\", \"CVE-2020-15990\", \"CVE-2020-15991\", \"CVE-2020-15992\", \"CVE-2020-15999\", \"CVE-2020-16000\", \"CVE-2020-16001\", \"CVE-2020-16002\", \"CVE-2020-16003\", \"CVE-2020-16004\", \"CVE-2020-16005\", \"CVE-2020-16006\", \"CVE-2020-16007\", \"CVE-2020-16008\", \"CVE-2020-16009\", \"CVE-2020-16011\", \"CVE-2020-16012\", \"CVE-2020-16013\", \"CVE-2020-16014\", \"CVE-2020-16015\", \"CVE-2020-16016\", \"CVE-2020-16017\", \"CVE-2020-16018\", \"CVE-2020-16019\", \"CVE-2020-16020\", \"CVE-2020-16021\", \"CVE-2020-16022\", \"CVE-2020-16023\", \"CVE-2020-16024\", \"CVE-2020-16025\", \"CVE-2020-16026\", \"CVE-2020-16027\", \"CVE-2020-16028\", \"CVE-2020-16029\", \"CVE-2020-16030\", \"CVE-2020-16031\", \"CVE-2020-16032\", \"CVE-2020-16033\", \"CVE-2020-16034\", \"CVE-2020-16035\", \"CVE-2020-16036\", \"CVE-2020-16037\", \"CVE-2020-16038\", \"CVE-2020-16039\", \"CVE-2020-16040\", \"CVE-2020-16041\", \"CVE-2020-16042\", \"CVE-2020-6510\", \"CVE-2020-6511\", \"CVE-2020-6512\", \"CVE-2020-6513\", \"CVE-2020-6514\", \"CVE-2020-6515\", \"CVE-2020-6516\", \"CVE-2020-6517\", \"CVE-2020-6518\", \"CVE-2020-6519\", \"CVE-2020-6520\", \"CVE-2020-6521\", \"CVE-2020-6522\", \"CVE-2020-6523\", \"CVE-2020-6524\", \"CVE-2020-6525\", \"CVE-2020-6526\", \"CVE-2020-6527\", \"CVE-2020-6528\", \"CVE-2020-6529\", \"CVE-2020-6530\", \"CVE-2020-6531\", \"CVE-2020-6532\", \"CVE-2020-6533\", \"CVE-2020-6534\", \"CVE-2020-6535\", \"CVE-2020-6536\", \"CVE-2020-6537\", \"CVE-2020-6538\", \"CVE-2020-6539\", \"CVE-2020-6540\", \"CVE-2020-6541\", \"CVE-2020-6542\", \"CVE-2020-6543\", \"CVE-2020-6544\", \"CVE-2020-6545\", \"CVE-2020-6546\", \"CVE-2020-6547\", \"CVE-2020-6548\", \"CVE-2020-6549\", \"CVE-2020-6550\", \"CVE-2020-6551\", \"CVE-2020-6552\", \"CVE-2020-6553\", \"CVE-2020-6554\", \"CVE-2020-6555\", \"CVE-2020-6556\", \"CVE-2020-6557\", \"CVE-2020-6558\", \"CVE-2020-6559\", \"CVE-2020-6560\", \"CVE-2020-6561\", \"CVE-2020-6562\", \"CVE-2020-6563\", \"CVE-2020-6564\", \"CVE-2020-6565\", \"CVE-2020-6566\", \"CVE-2020-6567\", \"CVE-2020-6568\", \"CVE-2020-6569\", \"CVE-2020-6570\", \"CVE-2020-6571\", \"CVE-2020-6573\", \"CVE-2020-6574\", \"CVE-2020-6575\", \"CVE-2020-6576\");\n script_xref(name:\"DSA\", value:\"4824\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"Debian DSA-4824-1 : chromium - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in the Chromium web browser,\nwhich could result in the execution of arbitrary code, denial of\nservice or information disclosure.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/chromium\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/chromium\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2021/dsa-4824\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 87.0.4280.88-0.4~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-6559\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Google Chrome versions before 87.0.4280.88 integer overflow during SimplfiedLowering phase');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/01/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"chromium\", reference:\"87.0.4280.88-0.4~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-common\", reference:\"87.0.4280.88-0.4~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-driver\", reference:\"87.0.4280.88-0.4~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-l10n\", reference:\"87.0.4280.88-0.4~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-sandbox\", reference:\"87.0.4280.88-0.4~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"chromium-shell\", reference:\"87.0.4280.88-0.4~deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2022-11-08T23:04:24", "description": "An update that fixes 26 vulnerabilities is now available.\n\nDescription:\n\n This update for opera fixes the following issues:\n\n - Update to version 70.0.3728.71\n - DNA-86267 Make `Recently closed tabs` appearance consistent with\n `Search for open tabs`.\n - DNA-86988 Opera 70 translations\n - DNA-87530 Zen news leads not loading\n - DNA-87636 Fix displaying folder icon for closed windows in recently\n closed list\n - DNA-87682 Replace Extensions icon in toolbar with icon from sidebar\n - DNA-87756 Extend chrome.sessions.getRecentlyClosed with information\n about last active tab in window.\n - DNA-87778 Crash at opera::InstantSearchViewViews::\n ~InstantSearchViewViews()\n - DNA-87815 Change affiliate links for AliExpress Search\n - Update to version 70.0.3728.59\n - CHR-8010 Update chromium on desktop-stable-84-3728 to 84.0.4147.89\n - DNA-87019 The video image does not respond to the pressing after\n closed the \u201cQuit Opera?\u201d dialog\n - DNA-87342 Fix right padding in settings > weather section\n - DNA-87427 Remove unneeded information from the requests\u2019 diagnostics\n - DNA-87560 Crash at views::Widget::GetNativeView()\n - DNA-87561 Crash at CRYPTO_BUFFER_len\n - DNA-87599 Bypass VPN for default search engines doesn\u2019t work\n - DNA-87611 Unittests fails on declarativeNetRequest and\n declarativeNetRequestFeedback permissions\n - DNA-87612 [Mac] Misaligned icon in address bar\n - DNA-87619 [Win/Lin] Misaligned icon in address bar\n - DNA-87716 [macOS/Windows] Crash when Search in tabs is open and Opera\n is minimised\n - DNA-87749 Crash at opera::InstantSearchSuggestionLineView::\n SetIsHighlighted(bool)\n - The update to chromium 84.0.4147.89 fixes following issues:\n - CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513,\n CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517,\n CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521,\n CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525,\n CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529,\n CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534,\n CVE-2020-6535, CVE-2020-6536\n - Complete Opera 70.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-70/\n\n - Update to version 69.0.3686.77\n - DNA-84207 New Yubikey enrollment is not working\n - DNA-87185 Lost translation\n - DNA-87382 Integrate scrolling to top of the feed with the existing\n scroll position restoration\n - DNA-87535 Sort out news on startpage state\n - DNA-87588 Merge \u201cPrevent pointer from being sent in the clear\n over SCTP\u201d to desktop-stable-83-3686\n\n - Update to version 69.0.3686.57\n - DNA-86682 Title case in Russian translation\n - DNA-86807 Title case in O69 BR Portuguese translation\n - DNA-87104 Right click context menu becomes scrollable sometimes\n - DNA-87376 Search in tabs opens significantly slower in O69\n - DNA-87505 [Welcome Pages][Stats] Session stats for Welcome and Upgrade\n pages\n - DNA-87535 Sort out news on startpage state\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:NonFree:\n\n zypper in -t patch openSUSE-2020-1172=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-08-09T00:00:00", "type": "suse", "title": "Security update for opera (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-08-09T00:00:00", "id": "OPENSUSE-SU-2020:1172-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WZQTQQL5WTZXSGFZFDO5XE5G5NKPCJ6E/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T12:41:10", "description": "An update that fixes 26 vulnerabilities is now available.\n\nDescription:\n\n This update for opera fixes the following issues:\n\n - Update to version 70.0.3728.71\n - DNA-86267 Make `Recently closed tabs` appearance consistent with\n `Search for open tabs`.\n - DNA-86988 Opera 70 translations\n - DNA-87530 Zen news leads not loading\n - DNA-87636 Fix displaying folder icon for closed windows in recently\n closed list\n - DNA-87682 Replace Extensions icon in toolbar with icon from sidebar\n - DNA-87756 Extend chrome.sessions.getRecentlyClosed with information\n about last active tab in window.\n - DNA-87778 Crash at opera::InstantSearchViewViews::\n ~InstantSearchViewViews()\n - DNA-87815 Change affiliate links for AliExpress Search\n - Update to version 70.0.3728.59\n - CHR-8010 Update chromium on desktop-stable-84-3728 to 84.0.4147.89\n - DNA-87019 The video image does not respond to the pressing after\n closed the \u201cQuit Opera?\u201d dialog\n - DNA-87342 Fix right padding in settings > weather section\n - DNA-87427 Remove unneeded information from the requests\u2019 diagnostics\n - DNA-87560 Crash at views::Widget::GetNativeView()\n - DNA-87561 Crash at CRYPTO_BUFFER_len\n - DNA-87599 Bypass VPN for default search engines doesn\u2019t work\n - DNA-87611 Unittests fails on declarativeNetRequest and\n declarativeNetRequestFeedback permissions\n - DNA-87612 [Mac] Misaligned icon in address bar\n - DNA-87619 [Win/Lin] Misaligned icon in address bar\n - DNA-87716 [macOS/Windows] Crash when Search in tabs is open and Opera\n is minimized\n - DNA-87749 Crash at opera::InstantSearchSuggestionLineView::\n SetIsHighlighted(bool)\n - The update to chromium 84.0.4147.89 fixes following issues:\n - CVE-2020-6510, CVE-2020-6511, CVE-2020-6512, CVE-2020-6513,\n CVE-2020-6514, CVE-2020-6515, CVE-2020-6516, CVE-2020-6517,\n CVE-2020-6518, CVE-2020-6519, CVE-2020-6520, CVE-2020-6521,\n CVE-2020-6522, CVE-2020-6523, CVE-2020-6524, CVE-2020-6525,\n CVE-2020-6526, CVE-2020-6527, CVE-2020-6528, CVE-2020-6529,\n CVE-2020-6530, CVE-2020-6531, CVE-2020-6533, CVE-2020-6534,\n CVE-2020-6535, CVE-2020-6536\n - Complete Opera 70.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-70/\n\n - Update to version 69.0.3686.77\n - DNA-84207 New Yubikey enrollment is not working\n - DNA-87185 Lost translation\n - DNA-87382 Integrate scrolling to top of the feed with the existing\n scroll position restoration\n - DNA-87535 Sort out news on start page state\n - DNA-87588 Merge \u201cPrevent pointer from being sent in the clear\n over SCTP\u201d to desktop-stable-83-3686\n\n - Update to version 69.0.3686.57\n - DNA-86682 Title case in Russian translation\n - DNA-86807 Title case in O69 BR Portuguese translation\n - DNA-87104 Right click context menu becomes scrollable sometimes\n - DNA-87376 Search in tabs opens significantly slower in O69\n - DNA-87505 [Welcome Pages][Stats] Session stats for Welcome and Upgrade\n pages\n - DNA-87535 Sort out news on start page state\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:NonFree:\n\n zypper in -t patch openSUSE-2020-1148=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-08-05T00:00:00", "type": "suse", "title": "Security update for opera (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-08-05T00:00:00", "id": "OPENSUSE-SU-2020:1148-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NUYO4K4AZKJVSJP4235727TELODNCOSP/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-08T04:09:41", "description": "An update that fixes 26 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n - Update to 84.0.4147.89 boo#1174189:\n * Critical CVE-2020-6510: Heap buffer overflow in background fetch.\n * High CVE-2020-6511: Side-channel information leakage in content\n security policy.\n * High CVE-2020-6512: Type Confusion in V8.\n * High CVE-2020-6513: Heap buffer overflow in PDFium.\n * High CVE-2020-6514: Inappropriate implementation in WebRTC.\n * High CVE-2020-6515: Use after free in tab strip.\n * High CVE-2020-6516: Policy bypass in CORS.\n * High CVE-2020-6517: Heap buffer overflow in history.\n * Medium CVE-2020-6518: Use after free in developer tools.\n * Medium CVE-2020-6519: Policy bypass in CSP.\n * Medium CVE-2020-6520: Heap buffer overflow in Skia.\n * Medium CVE-2020-6521: Side-channel information leakage in autofill.\n * Medium CVE-2020-6522: Inappropriate implementation in external\n protocol handlers.\n * Medium CVE-2020-6523: Out of bounds write in Skia.\n * Medium CVE-2020-6524: Heap buffer overflow in WebAudio.\n * Medium CVE-2020-6525: Heap buffer overflow in Skia.\n * Low CVE-2020-6526: Inappropriate implementation in iframe sandbox.\n * Low CVE-2020-6527: Insufficient policy enforcement in CSP.\n * Low CVE-2020-6528: Incorrect security UI in basic auth.\n * Low CVE-2020-6529: Inappropriate implementation in WebRTC.\n * Low CVE-2020-6530: Out of bounds memory access in developer tools.\n * Low CVE-2020-6531: Side-channel information leakage in scroll to text.\n * Low CVE-2020-6533: Type Confusion in V8.\n * Low CVE-2020-6534: Heap buffer overflow in WebRTC.\n * Low CVE-2020-6535: Insufficient data validation in WebUI.\n * Low CVE-2020-6536: Incorrect security UI in PWAs.\n - Use bundled xcb-proto as we need to generate py2 bindings\n - Try to fix non-wayland build for Leap builds\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-1021=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-20T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-07-20T00:00:00", "id": "OPENSUSE-SU-2020:1021-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q55W7KZFLR3UGN4DZTG2DV3E64K6CNP6/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-08T04:09:41", "description": "An update that fixes 26 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n - Update to 84.0.4147.89 boo#1174189:\n * Critical CVE-2020-6510: Heap buffer overflow in background fetch.\n * High CVE-2020-6511: Side-channel information leakage in content\n security policy.\n * High CVE-2020-6512: Type Confusion in V8.\n * High CVE-2020-6513: Heap buffer overflow in PDFium.\n * High CVE-2020-6514: Inappropriate implementation in WebRTC.\n * High CVE-2020-6515: Use after free in tab strip.\n * High CVE-2020-6516: Policy bypass in CORS.\n * High CVE-2020-6517: Heap buffer overflow in history.\n * Medium CVE-2020-6518: Use after free in developer tools.\n * Medium CVE-2020-6519: Policy bypass in CSP.\n * Medium CVE-2020-6520: Heap buffer overflow in Skia.\n * Medium CVE-2020-6521: Side-channel information leakage in autofill.\n * Medium CVE-2020-6522: Inappropriate implementation in external\n protocol handlers.\n * Medium CVE-2020-6523: Out of bounds write in Skia.\n * Medium CVE-2020-6524: Heap buffer overflow in WebAudio.\n * Medium CVE-2020-6525: Heap buffer overflow in Skia.\n * Low CVE-2020-6526: Inappropriate implementation in iframe sandbox.\n * Low CVE-2020-6527: Insufficient policy enforcement in CSP.\n * Low CVE-2020-6528: Incorrect security UI in basic auth.\n * Low CVE-2020-6529: Inappropriate implementation in WebRTC.\n * Low CVE-2020-6530: Out of bounds memory access in developer tools.\n * Low CVE-2020-6531: Side-channel information leakage in scroll to text.\n * Low CVE-2020-6533: Type Confusion in V8.\n * Low CVE-2020-6534: Heap buffer overflow in WebRTC.\n * Low CVE-2020-6535: Insufficient data validation in WebUI.\n * Low CVE-2020-6536: Incorrect security UI in PWAs.\n - Use bundled xcb-proto as we need to generate py2 bindings\n - Try to fix non-wayland build for Leap builds\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-1020=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-20T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-07-20T00:00:00", "id": "OPENSUSE-SU-2020:1020-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HFV4AYJ7GJLZVA5D4ARU5H4RK6EYKRCE/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T12:41:14", "description": "An update that fixes 26 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n - Update to 84.0.4147.89 boo#1174189:\n * Critical CVE-2020-6510: Heap buffer overflow in background fetch.\n * High CVE-2020-6511: Side-channel information leakage in content\n security policy.\n * High CVE-2020-6512: Type Confusion in V8.\n * High CVE-2020-6513: Heap buffer overflow in PDFium.\n * High CVE-2020-6514: Inappropriate implementation in WebRTC.\n * High CVE-2020-6515: Use after free in tab strip.\n * High CVE-2020-6516: Policy bypass in CORS.\n * High CVE-2020-6517: Heap buffer overflow in history.\n * Medium CVE-2020-6518: Use after free in developer tools.\n * Medium CVE-2020-6519: Policy bypass in CSP.\n * Medium CVE-2020-6520: Heap buffer overflow in Skia.\n * Medium CVE-2020-6521: Side-channel information leakage in autofill.\n * Medium CVE-2020-6522: Inappropriate implementation in external\n protocol handlers.\n * Medium CVE-2020-6523: Out of bounds write in Skia.\n * Medium CVE-2020-6524: Heap buffer overflow in WebAudio.\n * Medium CVE-2020-6525: Heap buffer overflow in Skia.\n * Low CVE-2020-6526: Inappropriate implementation in iframe sandbox.\n * Low CVE-2020-6527: Insufficient policy enforcement in CSP.\n * Low CVE-2020-6528: Incorrect security UI in basic auth.\n * Low CVE-2020-6529: Inappropriate implementation in WebRTC.\n * Low CVE-2020-6530: Out of bounds memory access in developer tools.\n * Low CVE-2020-6531: Side-channel information leakage in scroll to text.\n * Low CVE-2020-6533: Type Confusion in V8.\n * Low CVE-2020-6534: Heap buffer overflow in WebRTC.\n * Low CVE-2020-6535: Insufficient data validation in WebUI.\n * Low CVE-2020-6536: Incorrect security UI in PWAs.\n - Use bundled xcb-proto as we need to generate py2 bindings\n - Try to fix non-wayland build for Leap builds\n\n This update was imported from the openSUSE:Leap:15.1:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP1:\n\n zypper in -t patch openSUSE-2020-1061=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-26T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-07-26T00:00:00", "id": "OPENSUSE-SU-2020:1061-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GONT67H2PPPIF3W6X5ZYIIS6IY5KH7EO/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-06T17:59:12", "description": "An update that fixes 26 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n - Update to 84.0.4147.89 boo#1174189:\n * Critical CVE-2020-6510: Heap buffer overflow in background fetch.\n * High CVE-2020-6511: Side-channel information leakage in content\n security policy.\n * High CVE-2020-6512: Type Confusion in V8.\n * High CVE-2020-6513: Heap buffer overflow in PDFium.\n * High CVE-2020-6514: Inappropriate implementation in WebRTC.\n * High CVE-2020-6515: Use after free in tab strip.\n * High CVE-2020-6516: Policy bypass in CORS.\n * High CVE-2020-6517: Heap buffer overflow in history.\n * Medium CVE-2020-6518: Use after free in developer tools.\n * Medium CVE-2020-6519: Policy bypass in CSP.\n * Medium CVE-2020-6520: Heap buffer overflow in Skia.\n * Medium CVE-2020-6521: Side-channel information leakage in autofill.\n * Medium CVE-2020-6522: Inappropriate implementation in external\n protocol handlers.\n * Medium CVE-2020-6523: Out of bounds write in Skia.\n * Medium CVE-2020-6524: Heap buffer overflow in WebAudio.\n * Medium CVE-2020-6525: Heap buffer overflow in Skia.\n * Low CVE-2020-6526: Inappropriate implementation in iframe sandbox.\n * Low CVE-2020-6527: Insufficient policy enforcement in CSP.\n * Low CVE-2020-6528: Incorrect security UI in basic auth.\n * Low CVE-2020-6529: Inappropriate implementation in WebRTC.\n * Low CVE-2020-6530: Out of bounds memory access in developer tools.\n * Low CVE-2020-6531: Side-channel information leakage in scroll to text.\n * Low CVE-2020-6533: Type Confusion in V8.\n * Low CVE-2020-6534: Heap buffer overflow in WebRTC.\n * Low CVE-2020-6535: Insufficient data validation in WebUI.\n * Low CVE-2020-6536: Incorrect security UI in PWAs.\n - Use bundled xcb-proto as we need to generate py2 bindings\n - Try to fix non-wayland build for Leap builds\n\n This update was imported from the openSUSE:Leap:15.2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP2:\n\n zypper in -t patch openSUSE-2020-1048=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-09-18T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-09-18T00:00:00", "id": "OPENSUSE-SU-2020:1048-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W2JQIILB6PSFXNLUKHHJWYX5HTDVPLVE/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2023-02-08T15:51:54", "description": "### *Detect date*:\n07/14/2020\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nGoogle Chrome earlier than 84.0.4147.89\n\n### *Solution*:\nUpdate to the latest version \n[Download Google Chrome](<https://www.google.com/chrome/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2020-6536](<https://vulners.com/cve/CVE-2020-6536>)4.3Warning \n[CVE-2020-6529](<https://vulners.com/cve/CVE-2020-6529>)4.3Warning \n[CVE-2020-6518](<https://vulners.com/cve/CVE-2020-6518>)9.3Critical \n[CVE-2020-6520](<https://vulners.com/cve/CVE-2020-6520>)9.3Critical \n[CVE-2020-6525](<https://vulners.com/cve/CVE-2020-6525>)6.8High \n[CVE-2020-6522](<https://vulners.com/cve/CVE-2020-6522>)6.8High \n[CVE-2020-6528](<https://vulners.com/cve/CVE-2020-6528>)4.3Warning \n[CVE-2020-6531](<https://vulners.com/cve/CVE-2020-6531>)4.3Warning \n[CVE-2020-6523](<https://vulners.com/cve/CVE-2020-6523>)9.3Critical \n[CVE-2020-6530](<https://vulners.com/cve/CVE-2020-6530>)6.8High \n[CVE-2020-6510](<https://vulners.com/cve/CVE-2020-6510>)6.8High \n[CVE-2020-6515](<https://vulners.com/cve/CVE-2020-6515>)9.3Critical \n[CVE-2020-6511](<https://vulners.com/cve/CVE-2020-6511>)4.3Warning \n[CVE-2020-6533](<https://vulners.com/cve/CVE-2020-6533>)6.8High \n[CVE-2020-6516](<https://vulners.com/cve/CVE-2020-6516>)4.3Warning \n[CVE-2020-6527](<https://vulners.com/cve/CVE-2020-6527>)4.3Warning \n[CVE-2020-6519](<https://vulners.com/cve/CVE-2020-6519>)4.3Warning \n[CVE-2020-6524](<https://vulners.com/cve/CVE-2020-6524>)9.3Critical \n[CVE-2020-6526](<https://vulners.com/cve/CVE-2020-6526>)4.3Warning \n[CVE-2020-6534](<https://vulners.com/cve/CVE-2020-6534>)6.8High \n[CVE-2020-6512](<https://vulners.com/cve/CVE-2020-6512>)9.3Critical \n[CVE-2020-6535](<https://vulners.com/cve/CVE-2020-6535>)4.3Warning \n[CVE-2020-6517](<https://vulners.com/cve/CVE-2020-6517>)9.3Critical \n[CVE-2020-6521](<https://vulners.com/cve/CVE-2020-6521>)4.3Warning \n[CVE-2020-6514](<https://vulners.com/cve/CVE-2020-6514>)4.3Warning \n[CVE-2020-6513](<https://vulners.com/cve/CVE-2020-6513>)6.8High", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-14T00:00:00", "type": "kaspersky", "title": "KLA11869 Multiple vulnerability in Google Chrome", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2021-05-27T00:00:00", "id": "KLA11869", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11869/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nChrome Releases reports:\n\nThis update contains 38 security fixes, including:\n\n[1103195] Critical CVE-2020-6510: Heap buffer overflow in\n\t background fetch. Reported by Leecraso and Guang Gong of 360\n\t Alpha Lab working with 360 BugCloud on 2020-07-08\n[1074317] High CVE-2020-6511: Side-channel information leakage\n\t in content security policy. Reported by Mikhail Oblozhikhin on\n\t 2020-04-24\n[1084820] High CVE-2020-6512: Type Confusion in V8. Reported by\n\t nocma, leogan, cheneyxu of WeChat Open Platform Security Team on\n\t 2020-05-20\n[1091404] High CVE-2020-6513: Heap buffer overflow in PDFium.\n\t Reported by Aleksandar Nikolic of Cisco Talos on 2020-06-04\n[1076703] High CVE-2020-6514: Inappropriate implementation in\n\t WebRTC. Reported by Natalie Silvanovich of Google Project Zero on\n\t 2020-04-30\n[1082755] High CVE-2020-6515: Use after free in tab strip.\n\t Reported by DDV_UA on 2020-05-14\n[1092449] High CVE-2020-6516: Policy bypass in CORS. Reported by\n\t Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security\n\t Xuanwu Lab on 2020-06-08\n[1095560] High CVE-2020-6517: Heap buffer overflow in history.\n\t Reported by ZeKai Wu (@hellowuzekai) of Tencent Security Xuanwu\n\t Lab on 2020-06-16\n[986051] Medium CVE-2020-6518: Use after free in developer\n\t tools. Reported by David Erceg on 2019-07-20\n[1064676] Medium CVE-2020-6519: Policy bypass in CSP. Reported\n\t by Gal Weizman (@WeizmanGal) of PerimeterX on 2020-03-25\n[1092274] Medium CVE-2020-6520: Heap buffer overflow in Skia.\n\t Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08\n[1075734] Medium CVE-2020-6521: Side-channel information leakage\n\t in autofill. Reported by Xu Lin (University of Illinois at\n\t Chicago), Panagiotis Ilia (University of Illinois at Chicago),\n\t Jason Polakis (University of Illinois at Chicago) on\n\t 2020-04-27\n[1052093] Medium CVE-2020-6522: Inappropriate implementation in\n\t external protocol handlers. Reported by Eric Lawrence of Microsoft\n\t on 2020-02-13\n[1080481] Medium CVE-2020-6523: Out of bounds write in Skia.\n\t Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on\n\t 2020-05-08\n[1081722] Medium CVE-2020-6524: Heap buffer overflow in\n\t WebAudio. Reported by Sung Ta (@Mipu94) of SEFCOM Lab, Arizona\n\t State University on 2020-05-12\n[1091670] Medium CVE-2020-6525: Heap buffer overflow in Skia.\n\t Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-05\n[1074340] Low CVE-2020-6526: Inappropriate implementation in\n\t iframe sandbox. Reported by Jonathan Kingston on 2020-04-24\n[992698] Low CVE-2020-6527: Insufficient policy enforcement in\n\t CSP. Reported by Zhong Zhaochen of andsecurity.cn on\n\t 2019-08-10\n[1063690] Low CVE-2020-6528: Incorrect security UI in basic\n\t auth. Reported by Rayyan Bijoora on 2020-03-22\n[978779] Low CVE-2020-6529: Inappropriate implementation in\n\t WebRTC. Reported by kaustubhvats7 on 2019-06-26\n[1016278] Low CVE-2020-6530: Out of bounds memory access in\n\t developer tools. Reported by myvyang on 2019-10-21\n[1042986] Low CVE-2020-6531: Side-channel information leakage in\n\t scroll to text. Reported by Jun Kokatsu, Microsoft Browser\n\t Vulnerability Research on 2020-01-17\n[1069964] Low CVE-2020-6533: Type Confusion in V8. Reported by\n\t Avihay Cohen @ SeraphicAlgorithms on 2020-04-11\n[1072412] Low CVE-2020-6534: Heap buffer overflow in WebRTC.\n\t Reported by Anonymous on 2020-04-20\n[1073409] Low CVE-2020-6535: Insufficient data validation in\n\t WebUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability\n\t Research on 2020-04-22\n[1080934] Low CVE-2020-6536: Incorrect security UI in PWAs.\n\t Reported by Zhiyang Zeng of Tencent security platform department\n\t on 2020-05-09\n\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-14T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-07-14T00:00:00", "id": "870D59B0-C6C4-11EA-8015-E09467587C17", "href": "https://vuxml.freebsd.org/freebsd/870d59b0-c6c4-11ea-8015-e09467587c17.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:01:54", "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. \n\nGoogle Chrome is one fast, simple, and secure browser for all your devices. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/chromium-84.0.4147.89\"\n \n\nAll Google Chrome users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/google-chrome-84.0.4147.89\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-26T00:00:00", "type": "gentoo", "title": "Chromium, Google Chrome: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6505", "CVE-2020-6506", "CVE-2020-6507", "CVE-2020-6509", "CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536"], "modified": "2020-07-26T00:00:00", "id": "GLSA-202007-08", "href": "https://security.gentoo.org/glsa/202007-08", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-19T20:37:56", "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 84.0.4147.105.\n\nSecurity Fix(es):\n\n* chromium-browser: Heap buffer overflow in background fetch (CVE-2020-6510)\n\n* chromium-browser: Side-channel information leakage in content security policy (CVE-2020-6511)\n\n* chromium-browser: Type Confusion in V8 (CVE-2020-6512)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* chromium-browser: Use after free in tab strip (CVE-2020-6515)\n\n* chromium-browser: Policy bypass in CORS (CVE-2020-6516)\n\n* chromium-browser: Heap buffer overflow in history (CVE-2020-6517)\n\n* chromium-browser: Use after free in SCTP (CVE-2020-6532)\n\n* chromium-browser: Type Confusion in V8 (CVE-2020-6537)\n\n* chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)\n\n* chromium-browser: Use after free in CSS (CVE-2020-6539)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6540)\n\n* chromium-browser: Use after free in WebUSB (CVE-2020-6541)\n\n* chromium-browser: Use after free in developer tools (CVE-2020-6518)\n\n* chromium-browser: Policy bypass in CSP (CVE-2020-6519)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520)\n\n* chromium-browser: Side-channel information leakage in autofill (CVE-2020-6521)\n\n* chromium-browser: Inappropriate implementation in external protocol handlers (CVE-2020-6522)\n\n* chromium-browser: Out of bounds write in Skia (CVE-2020-6523)\n\n* chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6525)\n\n* chromium-browser: Inappropriate implementation in iframe sandbox (CVE-2020-6526)\n\n* chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)\n\n* chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6529)\n\n* chromium-browser: Out of bounds memory access in developer tools (CVE-2020-6530)\n\n* chromium-browser: Side-channel information leakage in scroll to text (CVE-2020-6531)\n\n* chromium-browser: Type Confusion in V8 (CVE-2020-6533)\n\n* chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)\n\n* chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)\n\n* chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-08-10T06:22:50", "type": "redhat", "title": "(RHSA-2020:3377) Critical: chromium-browser security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6532", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536", "CVE-2020-6537", "CVE-2020-6538", "CVE-2020-6539", "CVE-2020-6540", "CVE-2020-6541"], "modified": "2020-08-10T06:33:09", "id": "RHSA-2020:3377", "href": "https://access.redhat.com/errata/RHSA-2020:3377", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2023-02-24T11:15:06", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4824-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 01, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2019-8075 CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 \n CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 \n CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 \n CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 \n CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 \n CVE-2020-6529 CVE-2020-6530 CVE-2020-6531 CVE-2020-6532 \n CVE-2020-6533 CVE-2020-6534 CVE-2020-6535 CVE-2020-6536 \n CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 \n CVE-2020-6541 CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 \n CVE-2020-6545 CVE-2020-6546 CVE-2020-6547 CVE-2020-6548 \n CVE-2020-6549 CVE-2020-6550 CVE-2020-6551 CVE-2020-6552 \n CVE-2020-6553 CVE-2020-6554 CVE-2020-6555 CVE-2020-6556 \n CVE-2020-6557 CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 \n CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 \n CVE-2020-6565 CVE-2020-6566 CVE-2020-6567 CVE-2020-6568 \n CVE-2020-6569 CVE-2020-6570 CVE-2020-6571 CVE-2020-6573 \n CVE-2020-6574 CVE-2020-6575 CVE-2020-6576 CVE-2020-15959 \n CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 \n CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 CVE-2020-15967 \n CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 \n CVE-2020-15972 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 \n CVE-2020-15976 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979 \n CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983 \n CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 \n CVE-2020-15988 CVE-2020-15989 CVE-2020-15990 CVE-2020-15991 \n CVE-2020-15992 CVE-2020-15999 CVE-2020-16000 CVE-2020-16001 \n CVE-2020-16002 CVE-2020-16003 CVE-2020-16004 CVE-2020-16005 \n CVE-2020-16006 CVE-2020-16007 CVE-2020-16008 CVE-2020-16009 \n CVE-2020-16011 CVE-2020-16012 CVE-2020-16013 CVE-2020-16014 \n CVE-2020-16015 CVE-2020-16016 CVE-2020-16017 CVE-2020-16018 \n CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022 \n CVE-2020-16023 CVE-2020-16024 CVE-2020-16025 CVE-2020-16026 \n CVE-2020-16027 CVE-2020-16028 CVE-2020-16029 CVE-2020-16030 \n CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034 \n CVE-2020-16035 CVE-2020-16036 CVE-2020-16037 CVE-2020-16038 \n CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042\n\nMultiple security issues were discovered in the Chromium web browser, which\ncould result in the execution of arbitrary code, denial of service\nor information disclosure.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 87.0.4280.88-0.4~deb10u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-01-01T18:49:56", "type": "debian", "title": "[SECURITY] [DSA 4824-1] chromium security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8075", "CVE-2020-15959", "CVE-2020-15960", "CVE-2020-15961", "CVE-2020-15962", "CVE-2020-15963", "CVE-2020-15964", "CVE-2020-15965", "CVE-2020-15966", "CVE-2020-15967", "CVE-2020-15968", "CVE-2020-15969", "CVE-2020-15970", "CVE-2020-15971", "CVE-2020-15972", "CVE-2020-15973", "CVE-2020-15974", "CVE-2020-15975", "CVE-2020-15976", "CVE-2020-15977", "CVE-2020-15978", "CVE-2020-15979", "CVE-2020-15980", "CVE-2020-15981", "CVE-2020-15982", "CVE-2020-15983", "CVE-2020-15984", "CVE-2020-15985", "CVE-2020-15986", "CVE-2020-15987", "CVE-2020-15988", "CVE-2020-15989", "CVE-2020-15990", "CVE-2020-15991", "CVE-2020-15992", "CVE-2020-15999", "CVE-2020-16000", "CVE-2020-16001", "CVE-2020-16002", "CVE-2020-16003", "CVE-2020-16004", "CVE-2020-16005", "CVE-2020-16006", "CVE-2020-16007", "CVE-2020-16008", "CVE-2020-16009", "CVE-2020-16011", "CVE-2020-16012", "CVE-2020-16013", "CVE-2020-16014", "CVE-2020-16015", "CVE-2020-16016", "CVE-2020-16017", "CVE-2020-16018", "CVE-2020-16019", "CVE-2020-16020", "CVE-2020-16021", "CVE-2020-16022", "CVE-2020-16023", "CVE-2020-16024", "CVE-2020-16025", "CVE-2020-16026", "CVE-2020-16027", "CVE-2020-16028", "CVE-2020-16029", "CVE-2020-16030", "CVE-2020-16031", "CVE-2020-16032", "CVE-2020-16033", "CVE-2020-16034", "CVE-2020-16035", "CVE-2020-16036", "CVE-2020-16037", "CVE-2020-16038", "CVE-2020-16039", "CVE-2020-16040", "CVE-2020-16041", "CVE-2020-16042", "CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6532", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536", "CVE-2020-6537", "CVE-2020-6538", "CVE-2020-6539", "CVE-2020-6540", "CVE-2020-6541", "CVE-2020-6542", "CVE-2020-6543", "CVE-2020-6544", "CVE-2020-6545", "CVE-2020-6546", "CVE-2020-6547", "CVE-2020-6548", "CVE-2020-6549", "CVE-2020-6550", "CVE-2020-6551", "CVE-2020-6552", "CVE-2020-6553", "CVE-2020-6554", "CVE-2020-6555", "CVE-2020-6556", "CVE-2020-6557", "CVE-2020-6558", "CVE-2020-6559", "CVE-2020-6560", "CVE-2020-6561", "CVE-2020-6562", "CVE-2020-6563", "CVE-2020-6564", "CVE-2020-6565", "CVE-2020-6566", "CVE-2020-6567", "CVE-2020-6568", "CVE-2020-6569", "CVE-2020-6570", "CVE-2020-6571", "CVE-2020-6573", "CVE-2020-6574", "CVE-2020-6575", "CVE-2020-6576"], "modified": "2021-01-01T18:49:56", "id": "DEBIAN:DSA-4824-1:11EBB", "href": "https://lists.debian.org/debian-security-announce/2021/msg00002.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-08-10T07:19:41", "description": "\nMultiple security issues were discovered in the Chromium web browser, which\ncould result in the execution of arbitrary code, denial of service\nor information disclosure.\n\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 87.0.4280.88-0.4~deb10u1.\n\n\nWe recommend that you upgrade your chromium packages.\n\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/chromium](https://security-tracker.debian.org/tracker/chromium)\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-01-01T00:00:00", "type": "osv", "title": "chromium - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16024", "CVE-2020-6548", "CVE-2020-6518", "CVE-2020-16026", "CVE-2020-15965", "CVE-2020-16012", "CVE-2020-16000", "CVE-2020-6569", "CVE-2020-16011", "CVE-2020-15979", "CVE-2020-6564", "CVE-2020-15962", "CVE-2020-15969", "CVE-2020-6570", "CVE-2020-6533", "CVE-2020-6565", "CVE-2020-16032", "CVE-2020-6561", "CVE-2020-6540", "CVE-2020-15984", "CVE-2020-6559", "CVE-2020-6545", "CVE-2020-6554", "CVE-2020-6566", "CVE-2020-6528", "CVE-2020-6563", "CVE-2020-16031", "CVE-2020-15974", "CVE-2020-16030", "CVE-2020-16039", "CVE-2020-15960", "CVE-2020-16035", "CVE-2020-6547", "CVE-2020-6529", "CVE-2020-15999", "CVE-2020-6537", "CVE-2020-6560", "CVE-2020-16027", "CVE-2020-16009", "CVE-2020-6511", "CVE-2020-6568", "CVE-2020-15982", "CVE-2020-6542", "CVE-2020-15968", "CVE-2020-16002", "CVE-2020-15975", "CVE-2020-15985", "CVE-2020-6538", "CVE-2020-15976", "CVE-2020-6550", "CVE-2020-16001", "CVE-2020-6534", "CVE-2020-16021", "CVE-2020-16023", "CVE-2020-16042", "CVE-2020-16029", "CVE-2020-15989", "CVE-2020-6532", "CVE-2020-6521", "CVE-2020-15983", "CVE-2020-6536", "CVE-2020-15972", "CVE-2020-16005", "CVE-2020-15966", "CVE-2020-16004", "CVE-2020-6535", "CVE-2020-16008", "CVE-2020-6571", "CVE-2020-6519", "CVE-2020-16016", "CVE-2020-16041", "CVE-2020-6530", "CVE-2020-6520", "CVE-2020-6522", "CVE-2020-15963", "CVE-2020-16040", "CVE-2020-16034", "CVE-2020-15964", "CVE-2020-15986", "CVE-2020-6555", "CVE-2020-15973", "CVE-2020-16022", "CVE-2020-6573", "CVE-2020-15987", "CVE-2020-15971", "CVE-2020-6512", "CVE-2020-15991", "CVE-2020-6567", "CVE-2020-16033", "CVE-2020-6514", "CVE-2020-16019", "CVE-2020-6576", "CVE-2020-6543", "CVE-2020-16014", "CVE-2020-6539", "CVE-2020-16003", "CVE-2020-16006", "CVE-2020-16036", "CVE-2020-6515", "CVE-2020-6551", "CVE-2020-6575", "CVE-2020-15970", "CVE-2020-6552", "CVE-2020-6513", "CVE-2020-15977", "CVE-2020-16013", "CVE-2020-6557", "CVE-2020-6556", "CVE-2020-6523", "CVE-2020-16038", "CVE-2020-16018", "CVE-2020-16025", "CVE-2020-16037", "CVE-2020-6526", "CVE-2020-15990", "CVE-2020-16015", "CVE-2020-16028", "CVE-2020-6553", "CVE-2020-6549", "CVE-2020-15978", "CVE-2020-15981", "CVE-2020-6516", "CVE-2020-6525", "CVE-2020-6562", "CVE-2020-15961", "CVE-2020-6527", "CVE-2020-6541", "CVE-2020-15980", "CVE-2020-6517", "CVE-2020-16017", "CVE-2020-15988", "CVE-2020-6524", "CVE-2020-15967", "CVE-2020-6531", "CVE-2020-6510", "CVE-2020-6544", "CVE-2020-15992", "CVE-2020-16020", "CVE-2020-15959"], "modified": "2022-08-10T07:19:38", "id": "OSV:DSA-4824-1", "href": "https://osv.dev/vulnerability/DSA-4824-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2023-03-17T02:35:20", "description": "**Please note:** Starting 1/21/2021, we will be releasing the Chrome CVEs that are included in the new releases of Microsoft Edge (Chromium-based) directly in the Security Update Guide. Please see [Security Update Guide Supports CVEs Assigned by Industry Partners](<https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/>) for more information.\n\nThis advisory will be updated whenever Microsoft releases a version of Microsoft Edge (Chromium-based) which incorporates publicly disclosed security updates from the Chromium project. Microsoft will document separately any vulnerabilities in Microsoft Edge (Chromium-based), that are not in Chromium, under a Microsoft-assigned CVE number (see, for example: [CVE-2020-1341](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/cve-2020-1341>)).\n\n**History of Microsoft Edge (Chromium-based) Security Updates**\n\nMicrosoft Edge Version | Date Released | Based on Chromium Version | Highest Severity Fix in Release | CVEs \n---|---|---|---|--- \n87.0.664.75 | 1/7/2021 | 87.0.4280.141 | High | [CVE-2021-21106](<https://vulners.com/cve/CVE-2021-21106>), [CVE-2021-21107](<https://vulners.com/cve/CVE-2021-21107>), [CVE-2021-21108](<https://vulners.com/cve/CVE-2021-21108>), [CVE-2021-21109](<https://vulners.com/cve/CVE-2021-21109>), [CVE-2021-21110](<https://vulners.com/cve/CVE-2021-21110>), [CVE-2021-21111](<https://vulners.com/cve/CVE-2021-21111>), [CVE-2021-21112](<https://vulners.com/cve/CVE-2021-21112>), [CVE-2021-21113](<https://vulners.com/cve/CVE-2021-21113>), [CVE-2021-21114](<https://vulners.com/cve/CVE-2021-21114>), [CVE-2021-21115](<https://vulners.com/cve/CVE-2021-21115>), [CVE-2021-21116](<https://vulners.com/cve/CVE-2021-21116>), [CVE-2020-16043](<https://vulners.com/cve/CVE-2020-16043>), [CVE-2020-15995](<https://vulners.com/cve/CVE-2020-15995>) \n87.0.664.57 | 12/7/2020 | 87.0.4280.88 | High | [CVE-2020-16037](<https://vulners.com/cve/CVE-2020-16037>), [CVE-2020-16038](<https://vulners.com/cve/CVE-2020-16038>), [CVE-2020-16039](<https://vulners.com/cve/CVE-2020-16039>), [CVE-2020-16040](<https://vulners.com/cve/CVE-2020-16040>), [CVE-2020-16041](<https://vulners.com/cve/CVE-2020-16041>), [CVE-2020-16042](<https://vulners.com/cve/CVE-2020-16042>) \n87.0.664.41 | 11/19/2020 | 87.0.4280.66 for Windows and Linux, 87.0.4280.67 for Mac | High | [CVE-2019-8075](<https://vulners.com/cve/CVE-2019-8075>), [CVE-2020-16012](<https://vulners.com/cve/CVE-2020-16012>), [CVE-2020-16014](<https://vulners.com/cve/CVE-2020-16014>), [CVE-2020-16015](<https://vulners.com/cve/CVE-2020-16015>), [CVE-2020-16018](<https://vulners.com/cve/CVE-2020-16018>), [CVE-2020-16022](<https://vulners.com/cve/CVE-2020-16022>), [CVE-2020-16023](<https://vulners.com/cve/CVE-2020-16023>), [CVE-2020-16024](<https://vulners.com/cve/CVE-2020-16024>), [CVE-2020-16025](<https://vulners.com/cve/CVE-2020-16025>), [CVE-2020-16026](<https://vulners.com/cve/CVE-2020-16026>), [CVE-2020-16027](<https://vulners.com/cve/CVE-2020-16027>), [CVE-2020-16028](<https://cve.mitre.org/ci-bin/cvename.cgi?name=CVE-2020-16028>), [CVE-2020-16029](<https://vulners.com/cve/CVE-2020-16029>), [CVE-2020-16030](<https://vulners.com/cve/CVE-2020-16030>), [CVE-2020-16031](<https://vulners.com/cve/CVE-2020-16031>), [CVE-2020-16032](<https://vulners.com/cve/CVE-2020-16032>), [CVE-2020-16033](<https://vulners.com/cve/CVE-2020-16033>), [CVE-2020-16034](<https://vulners.com/cve/CVE-2020-16034>), [CVE-2020-16036](<https://vulners.com/cve/CVE-2020-16036>) \n86.0.622.69 | 11/13/2020 | 86.0.4240.198 | High | [**CVE-2020-16013**](<https://vulners.com/cve/CVE-2020-16013>) *, [**CVE-2020-16017**](<https://vulners.com/cve/CVE-2020-16017>) * \n86.0.622.68 | 11/11/2020 | 86.0.4240.193 | High | [CVE-2020-16016](<https://vulners.com/cve/CVE-2020-16016>) \n86.0.622.63 | 11/4/2020 | 86.0.4240.183 | High | [CVE-2020-16004](<https://vulners.com/cve/CVE-2020-16004>), [CVE-2020-16005](<https://vulners.com/cve/CVE-2020-16005>), [CVE-2020-16006](<https://vulners.com/cve/CVE-2020-16006>), [CVE-2020-16007](<https://vulners.com/cve/CVE-2020-16007>), [CVE-2020-16008](<https://vulners.com/cve/CVE-2020-16008>), [**CVE-2020-16009**](<https://vulners.com/cve/CVE-2020-16009>) *, [CVE-2020-16011](<https://vulners.com/cve/CVE-2020-16011>) \n86.0.622.51 | 10/22/2020 | 86.0.4240.111 | High | [**CVE-2020-15999**](<https://vulners.com/cve/CVE-2020-15999>) *, [CVE-2020-16000](<https://vulners.com/cve/CVE-2020-16000>), [CVE-2020-16001](<https://vulners.com/cve/CVE-2020-16001>), [CVE-2020-16002](<https://vulners.com/cve/CVE-2020-16002>), [CVE-2020-16003](<https://vulners.com/cve/CVE-2020-16003>) \n86.0.622.38 | 10/8/2020 | 86.0.4240.75 | High | [CVE-2020-6557](<https://vulners.com/cve/CVE-2020-6557>), [CVE-2020-15968](<https://vulners.com/cve/CVE-2020-15968>), [CVE-2020-15969](<https://vulners.com/cve/CVE-2020-15969>), [CVE-2020-15971](<https://vulners.com/cve/CVE-2020-15971>), [CVE-2020-15972](<https://vulners.com/cve/CVE-2020-15972>), [CVE-2020-15973](<https://vulners.com/cve/CVE-2020-15973>), [CVE-2020-15974](<https://vulners.com/cve/CVE-2020-15974>), [CVE-2020-15975](<https://vulners.com/cve/CVE-2020-15975>), [CVE-2020-15977](<https://vulners.com/cve/CVE-2020-15977>), [CVE-2020-15979](<https://vulners.com/cve/CVE-2020-15979>), [CVE-2020-15981](<https://vulners.com/cve/CVE-2020-15981>), [CVE-2020-15982](<https://vulners.com/cve/CVE-2020-15982>), [CVE-2020-15985](<https://cve.mitre.org/cgi-bin/cvenamecgi?name=CVE-2020-15985>), [CVE-2020-15987](<https://vulners.com/cve/CVE-2020-15987>), [CVE-2020-15988](<https://vulners.com/cve/CVE-2020-15988>), [CVE-2020-15989](<https://vulners.com/cve/CVE-2020-15989>), [CVE-2020-15990](<https://vulners.com/cve/CVE-2020-15990>), [CVE-2020-15991](<https://vulners.com/cve/CVE-2020-15991>), [CVE-2020-15992](<https://vulners.com/cve/CVE-2020-15992>) \n85.0.564.63 | 9/23/2020 | 85.0.4183.121 | High | [CVE-2020-15960](<https://vulners.com/cve/CVE-2020-15960>), [CVE-2020-15961](<https://vulners.com/cve/CVE-2020-15961>), [CVE-2020-15962](<https://vulners.com/cve/CVE-2020-15962>), [CVE-2020-15963](<https://vulners.com/cve/CVE-2020-15963>), [CVE-2020-15964](<https://vulners.com/cve/CVE-2020-15964>), [CVE-2020-15965](<https://vulners.com/cve/CVE-2020-15965>), [CVE-2020-15966](<https://vulners.com/cve/CVE-2020-15966>) \n85.0.564.51 | 9/9/2020 | 85.0.4183.102 | High | [CVE-2020-6574](<https://vulners.com/cve/CVE-2020-6574>), [CVE-2020-6575](<https://vulners.com/cve/CVE-2020-6575>), [CVE-2020-6576](<https://vulners.com/cve/CVE-2020-6576>), [CVE-2020-15959](<https://vulners.com/cve/CVE-2020-15959>) \n85.0.564.41 | 8/27/2020 | 85.0.4183.83 | High | [CVE-2020-6558](<https://vulners.com/cve/CVE-2020-6558>), [CVE-2020-6559](<https://vulners.com/cve/CVE-2020-6559>), [CVE-2020-6560](<https://vulners.com/cve/CVE-2020-6560>), [CVE-2020-6561](<https://vulners.com/cve/CVE-2020-6561>), [CVE-2020-6562](<https://vulners.com/cve/CVE-2020-6562>), [CVE-2020-6563](<https://vulners.com/cve/CVE-2020-6563>), [CVE-2020-6564](<https://vulners.com/cve/CVE-2020-6564>), [CVE-2020-6566](<https://vulners.com/cve/CVE-2020-6566>), [CVE-2020-6567](<https://vulners.com/cve/CVE-2020-6567>), [CVE-2020-6568](<https://vulners.com/cve/CVE-2020-6568>), [CVE-2020-6569](<https://vulners.com/cve/CVE-2020-6569>), [CVE-2020-6570](<https://vulners.com/cve/CVE-2020-6570>), [CVE-2020-6571](<https://vulners.com/cve/CVE-2020-6571>) \n84.0.522.63 | 8/20/2020 | 84.0.4147.135 | High | [CVE-2020-6556](<https://vulners.com/cve/CVE-2020-6556>) \n84.0.522.59 | 8/11/2020 | 84.0.4147.125 | High | [CVE-2020-6542](<https://vulners.com/cve/CVE-2020-6542>), [CVE-2020-6543](<https://vulners.com/cve/CVE-2020-6543>), [CVE-2020-6544](<https://vulners.com/cve/CVE-2020-6544>), [CVE-2020-6545](<https://vulners.com/cve/CVE-2020-6545>), [CVE-2020-6546](<https://vulners.com/cve/CVE-2020-6546>), [CVE-2020-6547](<https://vulners.com/cve/CVE-2020-6547>), [CVE-2020-6548](<https://vulners.com/cve/CVE-2020-6548>), [CVE-2020-6549](<https://vulners.com/cve/CVE-2020-6549>), [CVE-2020-6550](<https://vulners.com/cve/CVE-2020-6550>), [CVE-2020-6551](<https://vulners.com/cve/CVE-2020-6551>), [CVE-2020-6552](<https://vulners.com/cve/CVE-2020-6552>), [CVE-2020-6553](<https://vulners.com/cve/CVE-2020-6553>), [CVE-2020-6554](<https://vulners.com/cve/CVE-2020-6554>), [CVE-2020-6555](<https://vulners.com/cve/CVE-2020-6555>) \n84.0.522.49 | 7/30/2020 | 84.0.4147.105 | High | [CVE-2020-6532](<https://vulners.com/cve/CVE-2020-6532>), [CVE-2020-6537](<https://vulners.com/cve/CVE-2020-6537>), [CVE-2020-6538](<https://vulners.com/cve/CVE-2020-6538>), [CVE-2020-6539](<https://vulners.com/cve/CVE-2020-6539>), [CVE-2020-6540](<https://vulners.com/cve/CVE-2020-6540>), [CVE-2020-6541](<https://vulners.com/cve/CVE-2020-6541>) \n84.0.522.40 | 7/16/2020 | 84.0.4147.89 | Critical | [CVE-2020-6510](<https://vulners.com/cve/CVE-2020-6510>), [CVE-2020-6511](<https://vulners.com/cve/CVE-2020-6511>), [CVE-2020-6512](<https://vulners.com/cve/CVE-2020-6512>), [CVE-2020-6513](<https://vulners.com/cve/CVE-2020-6513>), [CVE-2020-6514](<https://vulners.com/cve/CVE-2020-6514>), [CVE-2020-6515](<https://vulners.com/cve/CVE-2020-6515>), [CVE-2020-6516](<https://vulners.com/cve/CVE-2020-6516>), [CVE-2020-6517](<https://vulners.com/cve/CVE-2020-6517>), [CVE-2020-6518](<https://vulners.com/cve/CVE-2020-6518>), [CVE-2020-6519](<https://vulners.com/cve/CVE-2020-6519>), [CVE-2020-6520](<https://vulners.com/cve/CVE-2020-6520>), [CVE-2020-6521](<https://vulners.com/cve/CVE-2020-6521>), [CVE-2020-6522](<https://vulners.com/cve/CVE-2020-6522>), [CVE-2020-6523](<https://vulners.com/cve/CVE-2020-6523>), [CVE-2020-6524](<https://vulners.com/cve/CVE-2020-6524>), [CVE-2020-6525](<https://vulners.com/cve/CVE-2020-6525>), [CVE-2020-6526](<https://vulners.com/cve/CVE-2020-6526>), [CVE-2020-6527](<https://vulners.com/cve/CVE-2020-6527>), [CVE-2020-6528](<https://vulners.com/cve/CVE-2020-6528>), [CVE-2020-6529](<https://vulners.com/cve/CVE-2020-6529>), [CVE-2020-6530](<https://vulners.com/cve/CVE-2020-6530>), [CVE-2020-6531](<https://vulners.com/cve/CVE-2020-6531>), [CVE-2020-6533](<https://vulners.com/cve/CVE-2020-6533>), [CVE-2020-6534](<https://vulners.com/cve/CVE-2020-6534>), [CVE-2020-6535](<https://vulners.com/cve/CVE-2020-6535>), [CVE-2020-6536](<https://vulners.com/cve/CVE-2020-6536>) \n83.0.478.56 | 6/24/2020 | 83.0.4103.116 | High | [CVE-2020-6509](<https://vulners.com/cve/CVE-2020-6509>) \n83.0.478.53 | 6/17/2020 | 83.0.4103.106 | High | [CVE-2020-6505](<https://vulners.com/cve/CVE-2020-6505>), [CVE-2020-6506](<https://vulners.com/cve/CVE-2020-6506>), [CVE-2020-6507](<https://vulners.com/cve/CVE-2020-6507>) \n83.0.478.45 | 6/4/2020 | 83.0.4103.97 | High | [CVE-2020-6493](<https://vulners.com/cve/CVE-2020-6493>), [CVE-2020-6494](<https://vulners.com/cve/CVE-2020-6494>), [CVE-2020-6495](<https://vulners.com/cve/CVE-2020-6495>), [CVE-2020-6496](<https://vulners.com/cve/CVE-2020-6496>) \n83.0.478.37 | 5/21/2020 | 83.0.4103.61 | High | [CVE-2020-6465](<https://vulners.com/cve/CVE-2020-6465>), [CVE-2020-6466](<https://vulners.com/cve/CVE-2020-6466>), [CVE-2020-6467](<https://vulners.com/cve/CVE-2020-6467>), [CVE-2020-6468](<https://vulners.com/cve/CVE-2020-6468>), [CVE-2020-6469](<https://vulners.com/cve/CVE-2020-6469>), [CVE-2020-6470](<https://vulners.com/cve/CVE-2020-6470>), [CVE-2020-6471](<https://vulners.com/cve/CVE-2020-6471>), [CVE-2020-6472](<https://vulners.com/cve/CVE-2020-6472>), [CVE-2020-6473](<https://vulners.com/cve/CVE-2020-6473>), [CVE-2020-6474](<https://vulners.com/cve/CVE-2020-6474>), [CVE-2020-6475](<https://vulners.com/cve/CVE-2020-6475>), [CVE-2020-6476](<https://vulners.com/cve/CVE-2020-6476>), [CVE-2020-6478](<https://vulners.com/cve/CVE-2020-6478>), [CVE-2020-6479](<https://vulners.com/cve/CVE-2020-6479>), [CVE-2020-6480](<https://vulners.com/cve/CVE-2020-6480>), [CVE-2020-6481](<https://vulners.com/cve/CVE-2020-6481>), [CVE-2020-6482](<https://vulners.com/cve/CVE-2020-6482>), [CVE-2020-6483](<https://vulners.com/cve/CVE-2020-6483>), [CVE-2020-6484](<https://vulners.com/cve/CVE-2020-6484>), [CVE-2020-6486](<https://vulners.com/cve/CVE-2020-6486>), [CVE-2020-6487](<https://vulners.com/cve/CVE-2020-6487>), [CVE-2020-6488](<https://vulners.com/cve/CVE-2020-6488>), [CVE-2020-6489](<https://vulners.com/cve/CVE-2020-6489>), [CVE-2020-6490](<https://vulners.com/cve/CVE-2020-640>) \n81.0.416.72 | 5/7/2020 | 81.0.4044.138 | High | [CVE-2020-6831](<https://vulners.com/cve/CVE-2020-6831>), [CVE-2020-6464](<https://vulners.com/cve/CVE-2020-6464>) \n81.0.416.68 | 4/29/2020 | 81.0.4044.129 | High | [CVE-2020-6461](<https://vulners.com/cve/CVE-2020-6461>), [CVE-2020-6462](<https://vulners.com/cve/CVE-2020-6462>) \n81.0.416.64 | 4/23/2020 | 81.0.4044.122 | High | [CVE-2020-6458](<https://vulners.com/cve/CVE-2020-6458>), [CVE-2020-6459](<https://vulners.com/cve/CVE-2020-6459>), [CVE-2020-6460](<https://vulners.com/cve/CVE-2020-6460>) \n81.0.416.58 | 4/17/2020 | 81.0.4044.113 | Critical | [CVE-2020-6457](<https://vulners.com/cve/CVE-2020-6457>) \n81.0.416.53 | 4/13/2020 | 81.0.4044.92 | High | [CVE-2020-6454](<https://vulners.com/cve/CVE-2020-6454>), [CVE-2020-6423](<https://vulners.com/cve/CVE-2020-6423>), [CVE-2020-6455](<https://vulners.com/cve/CVE-2020-6455>), [CVE-2020-6430](<https://vulners.com/cve/CVE-2020-6430>), [CVE-2020-6456](<https://vulners.com/cve/CVE-2020-6456>), [CVE-2020-6431](<https://vulners.com/cve/CVE-2020-6431>), [CVE-2020-6432](<https://vulners.com/cve/CVE-2020-6432>), [CVE-2020-6433](<https://vulners.com/cve/CVE-2020-6433>), [CVE-2020-6434](<https://vulners.com/cve/CVE-2020-6434>), [CVE-2020-6435](<https://vulners.com/cve/CVE-2020-6435>), [CVE-2020-6436](<https://vulners.com/cve/CVE-2020-6436>), [CVE-2020-6437](<https://vulners.com/cve/CVE-2020-6437>), [CVE-2020-6438](<https://vulners.com/cve/CVE-2020-6438>), [CVE-2020-6439](<https://vulners.com/cve/CVE-2020-6439>), [CVE-2020-6440](<https://vulners.com/cve/CVE-2020-6440>), [CVE-2020-6441](<https://vulners.com/cve/CVE-2020-6441>), [CVE-2020-6442](<https://vulners.com/cve/CVE-2020-6442>), [CVE-2020-6443](<https://vulners.com/cve/CVE-2020-6443>), [CVE-2020-6444](<https://vulners.com/cve/CVE-2020-6444>), [CVE-2020-6445](<https://vulners.com/cve/CVE-2020-6445>), [CVE-2020-6446](<https://vulners.com/cve/CVE-2020-6446>), [CVE-2020-6447](<https://vulners.com/cve/CVE-2020-6447>), [CVE-2020-6448](<https://vulners.com/cve/CVE-2020-6448>) \n80.0.361.109 | 4/1/2020 | 80.0.3987.162 | High | [CVE-2020-6450](<https://vulners.com/cve/CVE-2020-6450>), [CVE-2020-6451](<https://vulners.com/cve/CVE-2020-6451>), [CVE-2020-6452](<https://vulners.com/cve/CVE-2020-6452>) \n80.0.361.69 | 3/19/2020 | 80.0.3987.149 | High | [CVE-2020-6422](<https://vulners.com/cve/CVE-2020-6422>), [CVE-2020-6424](<https://vulners.com/cve/CVE-2020-6424>), [CVE-2020-6425](<https://vulners.com/cve/CVE-2020-6425>), [CVE-2020-6426](<https://vulners.com/cve/CVE-2020-6426>), [CVE-2020-6427](<https://vulners.com/cve/CVE-2020-6427>), [CVE-2020-6428](<https://vulners.com/cve/CVE-2020-6428>), [CVE-2020-6429](<https://vulners.com/cve/CVE-2020-6429>), [CVE-2019-20503](<https://vulners.com/cve/CVE-2019-20503>), [CVE-2020-6449](<https://vulners.com/cve/CVE-2020-6449>) \n80.0.361.66 | 3/4/2020 | 80.0.3987.132 | High | [CVE-2020-6420](<https://vulners.com/cve/CVE-2020-6420>) \n80.0.361.62 | 2/25/2020 | 80.0.3987.122 | High | [CVE-2020-6407](<https://vulners.com/cve/CVE-2020-6407>), [**CVE-2020-6418**](<https://vulners.com/cve/CVE-2020-6418>) * \n80.0.361.57 | 2/20/2020 | 80.0.3987.116 | High | [CVE-2020-6383](<https://vulners.com/cve/CVE-2020-6383>), [CVE-2020-6384](<https://vulners.com/cve/CVE-2020-6384>), [CVE-2020-6386](<https://vulners.com/cve/CVE-2020-6386>) \n80.0.361.48 | 2/7/2020 | 80.0.3987.87 | High | [CVE-2020-6381](<https://vulners.com/cve/CVE-2020-6381>), [CVE-2020-6382](<https://vulners.com/cve/CVE-2020-6382>), [CVE-2019-18197](<https://vulners.com/cve/CVE-2019-18197>), [CVE-2019-19926](<https://vulners.com/cve/CVE-2019-19926>), [CVE-2020-6385](<https://vulners.com/cve/CVE-2020-6385>), [CVE-2019-19880](<https://vulners.com/cve/CVE-2019-19880>), [CVE-2019-19925](<https://vulners.com/cve/CVE-2019-19925>), [CVE-2020-6387](<https://vulners.com/cve/CVE-2020-6387>), [CVE-2020-6388](<https://vulners.com/cve/CVE-2020-6388>), [CVE-2020-6389](<https://vulners.com/cve/CVE-2020-6389>), [CVE-2020-6390](<https://vulners.com/cve/CVE-2020-6390>), [CVE-2020-6391](<https://vulners.com/cve/CVE-2020-6391>), [CVE-2020-6392](<https://vulners.com/cve/CVE-202-6392>), [CVE-2020-6393](<https://vulners.com/cve/CVE-2020-6393>), [CVE-2020-6394](<https://vulners.com/cve/CVE-2020-6394>), [CVE-2020-6395](<https://vulners.com/cve/CVE-2020-6395>), [CVE-2020-6396](<https://vulners.com/cve/CVE-2020-6396>), [CVE-2020-6397](<https://vulners.com/cve/CVE-2020-6397>), [CVE-2020-6398](<https://vulners.com/cve/CVE-2020-6398>), [CVE-2020-6399](<https://vulners.com/cve/CVE-2020-6399>), [CVE-2020-6400](<https://vulners.com/cve/CVE-2020-6400>), [CVE-2020-6401](<https://vulners.com/cve/CVE-2020-6401>), [CVE-2020-6402](<https://vulners.com/cve/CVE-2020-6402>), [CVE-2020-6404](<https://vulners.com/cve/CVE-2020-6404>), [CVE-2020-6405](<https://vulners.com/cve/CVE-220-6405>), [CVE-2020-6406](<https://vulners.com/cve/CVE-2020-6406>), [CVE-2019-19923](<https://vulners.com/cve/CVE-2019-19923>), [CVE-2020-6408](<https://vulners.com/cve/CVE-2020-6408>), [CVE-2020-6409](<https://vulners.com/cve/CVE-2020-6409>), [CVE-2020-6410](<https://vulners.com/cve/CVE-2020-6410>), [CVE-2020-6411](<https://vulners.com/cve/CVE-2020-6411>), [CVE-2020-6412](<https://vulners.com/cve/CVE-2020-6412>), [CVE-2020-6413](<https://vulners.com/cve/CVE-2020-6413>), [CVE-2020-6414](<https://vulners.com/cve/CVE-2020-6414>), [CVE-2020-6415](<https://vulners.com/cve/CVE-2020-6415>), [CVE-2020-6416](<https://vulners.com/cve/CVE-2020-6416>), [CVE-2020-6417](<https://vulners.com/cve/CVE-2020-6417>) \n79.0.309.68 | 1/17/2020 | 79.0.3945.130 | Critical | [CVE-2020-6378](<https://vulners.com/cve/CVE-2020-6378>), [CVE-2020-6379](<https://vulners.com/cve/CVE-2020-6379>), [CVE-2020-6380](<https://vulners.com/cve/CVE-2020-6380>), [CVE-2020-0601](<https://vulners.com/cve/CVE-2020-0601>) \n \n* CVE\u2019s in **bold** have been reported to be exploited in the wild.\n\n**How can I see the version of the browser?**\n\n 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window\n 2. Click on **Help and Feedback**\n 3. Click on **About Microsoft Edge**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-28T08:00:00", "type": "mscve", "title": "Chromium Security Updates for Microsoft Edge (Chromium-Based)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18197", "CVE-2019-19880", "CVE-2019-19923", "CVE-2019-19925", "CVE-2019-19926", "CVE-2019-20503", "CVE-2019-8075", "CVE-2020-0601", "CVE-2020-1341", "CVE-2020-15959", "CVE-2020-15960", "CVE-2020-15961", "CVE-2020-15962", "CVE-2020-15963", "CVE-2020-15964", "CVE-2020-15965", "CVE-2020-15966", "CVE-2020-15968", "CVE-2020-15969", "CVE-2020-15971", "CVE-2020-15972", "CVE-2020-15973", "CVE-2020-15974", "CVE-2020-15975", "CVE-2020-15977", "CVE-2020-15979", "CVE-2020-15981", "CVE-2020-15982", "CVE-2020-15985", "CVE-2020-15987", "CVE-2020-15988", "CVE-2020-15989", "CVE-2020-15990", "CVE-2020-15991", "CVE-2020-15992", "CVE-2020-15995", "CVE-2020-15999", "CVE-2020-16000", "CVE-2020-16001", "CVE-2020-16002", "CVE-2020-16003", "CVE-2020-16004", "CVE-2020-16005", "CVE-2020-16006", "CVE-2020-16007", "CVE-2020-16008", "CVE-2020-16009", "CVE-2020-16011", "CVE-2020-16012", "CVE-2020-16013", "CVE-2020-16014", "CVE-2020-16015", "CVE-2020-16016", "CVE-2020-16017", "CVE-2020-16018", "CVE-2020-16022", "CVE-2020-16023", "CVE-2020-16024", "CVE-2020-16025", "CVE-2020-16026", "CVE-2020-16027", "CVE-2020-16028", "CVE-2020-16029", "CVE-2020-16030", "CVE-2020-16031", "CVE-2020-16032", "CVE-2020-16033", "CVE-2020-16034", "CVE-2020-16036", "CVE-2020-16037", "CVE-2020-16038", "CVE-2020-16039", "CVE-2020-16040", "CVE-2020-16041", "CVE-2020-16042", "CVE-2020-16043", "CVE-2020-6378", "CVE-2020-6379", "CVE-2020-6380", "CVE-2020-6381", "CVE-2020-6382", "CVE-2020-6383", "CVE-2020-6384", "CVE-2020-6385", "CVE-2020-6386", "CVE-2020-6387", "CVE-2020-6388", "CVE-2020-6389", "CVE-2020-6390", "CVE-2020-6391", "CVE-2020-6392", "CVE-2020-6393", "CVE-2020-6394", "CVE-2020-6395", "CVE-2020-6396", "CVE-2020-6397", "CVE-2020-6398", "CVE-2020-6399", "CVE-2020-6400", "CVE-2020-6401", "CVE-2020-6402", "CVE-2020-6404", "CVE-2020-6405", "CVE-2020-6406", "CVE-2020-6407", "CVE-2020-6408", "CVE-2020-6409", "CVE-2020-6410", "CVE-2020-6411", "CVE-2020-6412", "CVE-2020-6413", "CVE-2020-6414", "CVE-2020-6415", "CVE-2020-6416", "CVE-2020-6417", "CVE-2020-6418", "CVE-2020-6420", "CVE-2020-6422", "CVE-2020-6423", "CVE-2020-6424", "CVE-2020-6425", "CVE-2020-6426", "CVE-2020-6427", "CVE-2020-6428", "CVE-2020-6429", "CVE-2020-6430", "CVE-2020-6431", "CVE-2020-6432", "CVE-2020-6433", "CVE-2020-6434", "CVE-2020-6435", "CVE-2020-6436", "CVE-2020-6437", "CVE-2020-6438", "CVE-2020-6439", "CVE-2020-6440", "CVE-2020-6441", "CVE-2020-6442", "CVE-2020-6443", "CVE-2020-6444", "CVE-2020-6445", "CVE-2020-6446", "CVE-2020-6447", "CVE-2020-6448", "CVE-2020-6449", "CVE-2020-6450", "CVE-2020-6451", "CVE-2020-6452", "CVE-2020-6454", "CVE-2020-6455", "CVE-2020-6456", "CVE-2020-6457", "CVE-2020-6458", "CVE-2020-6459", "CVE-2020-6460", "CVE-2020-6461", "CVE-2020-6462", "CVE-2020-6464", "CVE-2020-6465", "CVE-2020-6466", "CVE-2020-6467", "CVE-2020-6468", "CVE-2020-6469", "CVE-2020-6470", "CVE-2020-6471", "CVE-2020-6472", "CVE-2020-6473", "CVE-2020-6474", "CVE-2020-6475", "CVE-2020-6476", "CVE-2020-6478", "CVE-2020-6479", "CVE-2020-6480", "CVE-2020-6481", "CVE-2020-6482", "CVE-2020-6483", "CVE-2020-6484", "CVE-2020-6486", "CVE-2020-6487", "CVE-2020-6488", "CVE-2020-6489", "CVE-2020-6490", "CVE-2020-6493", "CVE-2020-6494", "CVE-2020-6495", "CVE-2020-6496", "CVE-2020-6505", "CVE-2020-6506", "CVE-2020-6507", "CVE-2020-6509", "CVE-2020-6510", "CVE-2020-6511", "CVE-2020-6512", "CVE-2020-6513", "CVE-2020-6514", "CVE-2020-6515", "CVE-2020-6516", "CVE-2020-6517", "CVE-2020-6518", "CVE-2020-6519", "CVE-2020-6520", "CVE-2020-6521", "CVE-2020-6522", "CVE-2020-6523", "CVE-2020-6524", "CVE-2020-6525", "CVE-2020-6526", "CVE-2020-6527", "CVE-2020-6528", "CVE-2020-6529", "CVE-2020-6530", "CVE-2020-6531", "CVE-2020-6532", "CVE-2020-6533", "CVE-2020-6534", "CVE-2020-6535", "CVE-2020-6536", "CVE-2020-6537", "CVE-2020-6538", "CVE-2020-6539", "CVE-2020-6540", "CVE-2020-6541", "CVE-2020-6542", "CVE-2020-6543", "CVE-2020-6544", "CVE-2020-6545", "CVE-2020-6546", "CVE-2020-6547", "CVE-2020-6548", "CVE-2020-6549", "CVE-2020-6550", "CVE-2020-6551", "CVE-2020-6552", "CVE-2020-6553", "CVE-2020-6554", "CVE-2020-6555", "CVE-2020-6556", "CVE-2020-6557", "CVE-2020-6558", "CVE-2020-6559", "CVE-2020-6560", "CVE-2020-6561", "CVE-2020-6562", "CVE-2020-6563", "CVE-2020-6564", "CVE-2020-6566", "CVE-2020-6567", "CVE-2020-6568", "CVE-2020-6569", "CVE-2020-6570", "CVE-2020-6571", "CVE-2020-6574", "CVE-2020-6575", "CVE-2020-6576", "CVE-2020-6831", "CVE-2021-21106", "CVE-2021-21107", "CVE-2021-21108", "CVE-2021-21109", "CVE-2021-21110", "CVE-2021-21111", "CVE-2021-21112", "CVE-2021-21113", "CVE-2021-21114", "CVE-2021-21115", "CVE-2021-21116"], "modified": "2021-01-21T08:00:00", "id": "MS:ADV200002", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV200002", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}