AVG-1128 log

Package chromium
Status Fixed
Severity High
Type multiple issues
Affected 80.0.3987.163-1
Fixed 81.0.4044.92-1
Current 85.0.4183.102-1 [extra]
Ticket None
Created Wed Apr 8 07:56:55 2020
Issue Severity Remote Type Description
CVE-2020-6456 Medium No Insufficient validation
An insufficient validation of untrusted input security issue has been found in the clipboard component of the chromium browser before 81.0.4044.92.
CVE-2020-6455 High Yes Information disclosure
A out of bounds read security issue has been found in the WebSQL component of the chromium browser before 81.0.4044.92.
CVE-2020-6454 High Yes Arbitrary code execution
A use after free security issue has been found in the extensions component of the chromium browser before 81.0.4044.92.
CVE-2020-6448 Low Yes Arbitrary code execution
A use-after-free security issue has been found in the V8 component of the chromium browser before 81.0.4044.92.
CVE-2020-6447 Low Yes Access restriction bypass
An inappropriate implementation security issue has been found in the developer tools component of the chromium browser before 81.0.4044.92.
CVE-2020-6446 Low Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the trusted types component of the chromium browser before 81.0.4044.92.
CVE-2020-6445 Low Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the trusted types component of the chromium browser before 81.0.4044.92.
CVE-2020-6444 Low Yes Information disclosure
An uninitialized memory use issue has been found in the WebRTC component of the chromium browser before 81.0.4044.92.
CVE-2020-6443 Low Yes Insufficient validation
An insufficient data validation security issue has been found in the developer tools component of the chromium browser before 81.0.4044.92.
CVE-2020-6442 Low Yes Access restriction bypass
An inappropriate implementation security issue has been found in the cache component of the chromium browser before 81.0.4044.92.
CVE-2020-6441 Low No Access restriction bypass
An insufficient policy enforcement security issue has been found in the omnibox component of the chromium browser before 81.0.4044.92.
CVE-2020-6440 Low Yes Access restriction bypass
An inappropriate implementation security issue has been found in the extensions component of the chromium browser before 81.0.4044.92.
CVE-2020-6439 Low No Access restriction bypass
An insufficient policy enforcement security issue has been found in the navigations component of the chromium browser before 81.0.4044.92.
CVE-2020-6438 Low Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 81.0.4044.92.
CVE-2020-6437 Low Yes Access restriction bypass
An inappropriate implementation security issue has been found in the WebView component of the chromium browser before 81.0.4044.92.
CVE-2020-6436 Medium Yes Arbitrary code execution
A use-after-free security issue has been found in the window management component of the chromium browser before 81.0.4044.92.
CVE-2020-6435 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 81.0.4044.92.
CVE-2020-6434 Medium Yes Arbitrary code execution
A use-after-free security issue has been found in the devtools component of the chromium browser before 81.0.4044.92.
CVE-2020-6433 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 81.0.4044.92.
CVE-2020-6432 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the navigations component of the chromium browser before 81.0.4044.92.
CVE-2020-6431 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the full screen component of the chromium browser before 81.0.4044.92.
CVE-2020-6430 Medium Yes Arbitrary code execution
A type confusion security issue has been found in the V8 component of the chromium browser before 81.0.4044.92.
CVE-2020-6423 High Yes Arbitrary code execution
A use after free security issue has been found in the audio component of the chromium browser before 81.0.4044.92.
Date Advisory Package Description
08 Apr 2020 ASA-202004-9 chromium multiple issues
References
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html