AVG-1092 log

Package	chromium
Status	Fixed
Severity	Critical
Type	multiple issues
Affected	79.0.3945.130-2
Fixed	80.0.3987.87-1
Current	131.0.6778.85-1 [extra]
Ticket	None
Created	Thu Feb 6 08:57:15 2020

Issue	Severity	Remote	Type	Description
CVE-2020-6416	Low	Yes	Insufficient validation	An insufficient data validation security issue has been found in the streams component of the chromium browser before 80.0.3987.8.
CVE-2020-6415	Low	Yes	Access restriction bypass	An inappropriate implementation security issue has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2020-6414	Low	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the Safe Browsing component of the chromium browser before 80.0.3987.8.
CVE-2020-6413	Low	Yes	Access restriction bypass	An inappropriate implementation security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6412	Low	Yes	Insufficient validation	An insufficient validation of untrusted input security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6411	Low	Yes	Insufficient validation	An insufficient validation of untrusted input security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6410	Low	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the navigation component of the chromium browser before 80.0.3987.8.
CVE-2020-6409	Low	Yes	Access restriction bypass	An inappropriate implementation security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6408	Low	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the CORS component of the chromium browser before 80.0.3987.8.
CVE-2020-6406	Medium	Yes	Arbitrary code execution	A use-after-free security issue has been found in the Audio component of the chromium browser before 80.0.3987.8.
CVE-2020-6405	Medium	Yes	Information disclosure	An out of bounds read has been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2020-6404	Medium	Yes	Access restriction bypass	An inappropriate implementation security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6403	Medium	Yes	Content spoofing	A incorrect security UI issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6402	Medium	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the Downloads component of the chromium browser before 80.0.3987.8.
CVE-2020-6401	Medium	Yes	Insufficient validation	An insufficient validation of untrusted input security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6400	Medium	Yes	Access restriction bypass	An inappropriate implementation issue has been found in the CORS component of the chromium browser before 80.0.3987.8.
CVE-2020-6399	Medium	Yes	Access restriction bypass	An insufficient policy enforcement issue has been found in the AppCache component of the chromium browser before 80.0.3987.8.
CVE-2020-6398	Medium	Yes	Information disclosure	An uninitialized use has been found in the PDFium component of the chromium browser before 80.0.3987.8.
CVE-2020-6397	Medium	Yes	Content spoofing	An incorrect security UI issue has been found in the sharing component of the chromium browser before 80.0.3987.8.
CVE-2020-6396	Medium	Yes	Access restriction bypass	An inappropriate implementation security issue has been found in the Skia component of the chromium browser before 80.0.3987.8.
CVE-2020-6395	Medium	Yes	Information disclosure	An out of bounds read has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2020-6394	Medium	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6393	Medium	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6392	Medium	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the Extensions component of the chromium browser before 80.0.3987.8.
CVE-2020-6391	Medium	Yes	Insufficient validation	An insufficient validation of untrusted input security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6390	High	Yes	Information disclosure	An out of bounds memory access has been found in the streams component of the chromium browser before 80.0.3987.8.
CVE-2020-6389	Critical	Yes	Arbitrary code execution	An out of bounds write has been found in the WebRTC component of the chromium browser before 80.0.3987.8.
CVE-2020-6388	High	Yes	Information disclosure	An out of bounds memory access has been found in the WebAudio component of the chromium browser before 80.0.3987.8.
CVE-2020-6387	Critical	Yes	Arbitrary code execution	An out of bounds write has been found in the WebRTC component of the chromium browser before 80.0.3987.8.
CVE-2020-6385	High	Yes	Access restriction bypass	An insufficient policy enforcement security issue has been found in the storage component of the chromium browser before 80.0.3987.8.
CVE-2020-6382	High	Yes	Arbitrary code execution	A type confusion security issue has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2020-6381	High	Yes	Arbitrary code execution	An integer overflow security issue has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2019-19926	High	Yes	Insufficient validation	An inappropriate implementation security issue has been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-19925	High	Yes	Insufficient validation	Multiple vulnerabilities have been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-19923	Medium	Yes	Information disclosure	An out of bounds memory access has been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-19880	High	Yes	Insufficient validation	Multiple vulnerabilities have been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-18197	High	Yes	Insufficient validation	Multiple vulnerabilities have been found in the xml component of the chromium browser before 80.0.3987.8.

Date	Advisory	Package	Type
06 Feb 2020	ASA-202002-3	chromium	multiple issues

References
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html