AVG-1092 log

Package chromium
Status Fixed
Severity Critical
Type multiple issues
Affected 79.0.3945.130-2
Fixed 80.0.3987.87-1
Current 85.0.4183.121-1 [extra]
Ticket None
Created Thu Feb 6 08:57:15 2020
Issue Severity Remote Type Description
CVE-2020-6416 Low Yes Insufficient validation
An insufficient data validation security issue has been found in the streams component of the chromium browser before 80.0.3987.8.
CVE-2020-6415 Low Yes Access restriction bypass
An inappropriate implementation security issue has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2020-6414 Low Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the Safe Browsing component of the chromium browser before 80.0.3987.8.
CVE-2020-6413 Low Yes Access restriction bypass
An inappropriate implementation security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6412 Low Yes Insufficient validation
An insufficient validation of untrusted input security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6411 Low Yes Insufficient validation
An insufficient validation of untrusted input security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6410 Low Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the navigation component of the chromium browser before 80.0.3987.8.
CVE-2020-6409 Low Yes Access restriction bypass
An inappropriate implementation security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6408 Low Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the CORS component of the chromium browser before 80.0.3987.8.
CVE-2020-6406 Medium Yes Arbitrary code execution
A use-after-free security issue has been found in the Audio component of the chromium browser before 80.0.3987.8.
CVE-2020-6405 Medium Yes Information disclosure
An out of bounds read has been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2020-6404 Medium Yes Access restriction bypass
An inappropriate implementation security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6403 Medium Yes Content spoofing
A incorrect security UI issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6402 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the Downloads component of the chromium browser before 80.0.3987.8.
CVE-2020-6401 Medium Yes Insufficient validation
An insufficient validation of untrusted input security issue has been found in the OmniBox component of the chromium browser before 80.0.3987.8.
CVE-2020-6400 Medium Yes Access restriction bypass
An inappropriate implementation issue has been found in the CORS component of the chromium browser before 80.0.3987.8.
CVE-2020-6399 Medium Yes Access restriction bypass
An insufficient policy enforcement issue has been found in the AppCache component of the chromium browser before 80.0.3987.8.
CVE-2020-6398 Medium Yes Information disclosure
An uninitialized use has been found in the PDFium component of the chromium browser before 80.0.3987.8.
CVE-2020-6397 Medium Yes Content spoofing
An incorrect security UI issue has been found in the sharing component of the chromium browser before 80.0.3987.8.
CVE-2020-6396 Medium Yes Access restriction bypass
An inappropriate implementation security issue has been found in the Skia component of the chromium browser before 80.0.3987.8.
CVE-2020-6395 Medium Yes Information disclosure
An out of bounds read has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2020-6394 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6393 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6392 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the Extensions component of the chromium browser before 80.0.3987.8.
CVE-2020-6391 Medium Yes Insufficient validation
An insufficient validation of untrusted input security issue has been found in the Blink component of the chromium browser before 80.0.3987.8.
CVE-2020-6390 High Yes Information disclosure
An out of bounds memory access has been found in the streams component of the chromium browser before 80.0.3987.8.
CVE-2020-6389 Critical Yes Arbitrary code execution
An out of bounds write has been found in the WebRTC component of the chromium browser before 80.0.3987.8.
CVE-2020-6388 High Yes Information disclosure
An out of bounds memory access has been found in the WebAudio component of the chromium browser before 80.0.3987.8.
CVE-2020-6387 Critical Yes Arbitrary code execution
An out of bounds write has been found in the WebRTC component of the chromium browser before 80.0.3987.8.
CVE-2020-6385 High Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the storage component of the chromium browser before 80.0.3987.8.
CVE-2020-6382 High Yes Arbitrary code execution
A type confusion security issue has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2020-6381 High Yes Arbitrary code execution
An integer overflow security issue has been found in the javascript component of the chromium browser before 80.0.3987.8.
CVE-2019-19926 High Yes Insufficient validation
An inappropriate implementation security issue has been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-19925 High Yes Insufficient validation
Multiple vulnerabilities have been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-19923 Medium Yes Information disclosure
An out of bounds memory access has been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-19880 High Yes Insufficient validation
Multiple vulnerabilities have been found in the SQLite component of the chromium browser before 80.0.3987.8.
CVE-2019-18197 High Yes Insufficient validation
Multiple vulnerabilities have been found in the xml component of the chromium browser before 80.0.3987.8.
Date Advisory Package Description
06 Feb 2020 ASA-202002-3 chromium multiple issues
References
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html