Описание
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information.
Below is a complete list of vulnerabilities:
- A implementation vulnerability in WebView component can be exploited to execute arbitrary code.
- A policy enforcement vulnerability in extensions components can be exploited remotely to bypass same origin policy.
- A policy enforcement vulnerability in trusted types can be exploited to bypass same origin policy.
- A policy enforcement vulnerability in full screen component can be exploited to bypass same origin policy.
- Out of bounds read vulnerability in WebSQL can be exploited to cause denial of service.
- A policy enforcement vulnerability in navigations components can be exploited can be exploited to bypass same origin policy.
- Type confusion vulnerability in V8 component can be exploited to cause denial of service.
- Use after free vulnerability in V8 component can be exploited to execute arbitrary code.
- A policy enforcement vulnerability in extensions components can be exploited to bypass same origin policy.
- A policy enforcement vulnerability in navigations components can be exploited to bypass same origin policy.
- Use after free vulnerability in extensions components can be exploited to execute arbitrary code.
- Uninitialized use vulnerability in WebRTC component can be exploited to bypass security restrictions and obtain sensitive information
- A data validation vulnerability in developer tools can be exploited to bypass security restrictions.
- A validation of untrusted input vulnerability in clipboard component can be exploited to bypass security restrictions.
- A implementation vulnerability in extensions components can be exploited to execute arbitrary code.
- A policy enforcement vulnerability in omnibox component can be exploited to bypass same origin policy.
- A implementation vulnerability in developer tools can be exploited to execute arbitrary code.
- Use after free vulnerability in developer tools can be exploited to execute arbitrary code.
- Use after free vulnerability in window management can be exploited to execute arbitrary code.
- A implementation vulnerability in cache component can be exploited to execute arbitrary code.
- Use after free vulnerability in audio component can be exploited to execute arbitrary code.
- Out of bounds read and write vulnerability in V8 can be exploited to cause denial of service and obtain sensitive information.
- Use after free vulnerability in media component can be exploited to execute arbitrary code and cause denial of service.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2020-6437 warning
- CVE-2020-6433 warning
- CVE-2020-6446 warning
- CVE-2020-6431 warning
- CVE-2020-6455 high
- CVE-2020-6439 high
- CVE-2020-6430 high
- CVE-2020-6448 high
- CVE-2020-6435 warning
- CVE-2020-6432 warning
- CVE-2020-6454 high
- CVE-2020-6444 high
- CVE-2020-6443 high
- CVE-2020-6456 warning
- CVE-2020-6438 warning
- CVE-2020-6440 warning
- CVE-2020-6441 warning
- CVE-2020-6447 high
- CVE-2020-6434 high
- CVE-2020-6445 warning
- CVE-2020-6436 high
- CVE-2020-6442 warning
- CVE-2020-6423 high
- CVE-2020-6419 high
- CVE-2020-6572 critical
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!