Lucene search

K

Veracode Vulnerability DatabaseVERACODE:28753

HistoryDec 21, 2020 - 7:58 p.m.

Sandbox Escape

2020-12-2119:58:57

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

14

chromium

sandbox escape

mojo

google chrome

remote attacker

renderer process

crafted html page

EPSS

0.005

Percentile

77.2%

chromium, sid is vulnerable to sandbox escape. Race in Mojo in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

References

lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html

lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html

lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html

chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop.html

crbug.com/1081874

lists.fedoraproject.org/archives/list/[email protected]/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/

lists.fedoraproject.org/archives/list/[email protected]/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/

security-tracker.debian.org/tracker/CVE-2020-6575

security.gentoo.org/glsa/202101-30

www.debian.org/security/2021/dsa-4824

EPSS

0.005

Percentile

77.2%

Related for VERACODE:28753

debiancve1 cve1 redhatcve1 ubuntucve1 nvd1 cvelist1 prion1 nessus12 gentoo2 openvas7 archlinux1 redhat1 kaspersky2 chrome1 fedora3 freebsd1 suse4 debian1 osv3 mscve1