AVG-1118 log

Package chromium
Status Fixed
Severity High
Type multiple issues
Affected 80.0.3987.132-2
Fixed 80.0.3987.149-1
Current 85.0.4183.121-1 [extra]
Ticket None
Created Thu Mar 19 09:25:56 2020
Issue Severity Remote Type Description
CVE-2020-6449 High Yes Arbitrary code execution
A use-after-free security issue has been found in the audio component of the chromium browser before 80.0.3987.149.
CVE-2020-6429 High Yes Arbitrary code execution
A use-after-free security issue has been found in the audio component of the chromium browser before 80.0.3987.149.
CVE-2020-6428 High Yes Arbitrary code execution
A use-after-free security issue has been found in the audio component of the chromium browser before 80.0.3987.149.
CVE-2020-6427 High Yes Arbitrary code execution
A use after free security issue has been found in the audio component of the chromium browser before 80.0.3987.149.
CVE-2020-6426 High Yes Access restriction bypass
An inappropriate implementation security issue has been found in the V8 component of the chromium browser before 80.0.3987.149.
CVE-2020-6425 High Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 80.0.3987.149.
CVE-2020-6424 High Yes Arbitrary code execution
A use-after-free security issue has been found in the media component of the chromium browser before 80.0.3987.149.
CVE-2020-6422 High Yes Arbitrary code execution
A use-after-free security issue has been found in the WebGL component of the chromium browser before 80.0.3987.149.
CVE-2019-20503 Medium Yes Information disclosure
An out-of-bounds read has been found in Firefox before 74, Thunderbird before 68.6 and chromium before 80.0.3987.149. The inputs to...
Date Advisory Package Description
19 Mar 2020 ASA-202003-12 chromium multiple issues
References
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html