AVG-1234 log

Package chromium
Status Fixed
Severity High
Type multiple issues
Affected 85.0.4183.102-1
Fixed 85.0.4183.121-1
Current 95.0.4638.54-2 [extra]
Ticket None
Created Wed Sep 23 14:58:45 2020
Issue Severity Remote Type Description
CVE-2020-15966 Low Yes Insufficient validation
An insufficient data validation security issue has been found in the media component of the chromium browser before 85.0.4183.121.
CVE-2020-15965 Medium Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 85.0.4183.121.
CVE-2020-15964 High Yes Arbitrary code execution
An out of bounds write security issue has been found in the V8 component of the chromium browser before 85.0.4183.121.
CVE-2020-15963 High Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 85.0.4183.121.
CVE-2020-15962 High Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the serial component of the chromium browser before 85.0.4183.121.
CVE-2020-15961 High Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 85.0.4183.121
CVE-2020-15960 High Yes Information disclosure
An out of bounds read security issue has been found in the storage component of the chromium browser before 85.0.4183.121.
Date Advisory Package Type
23 Sep 2020 ASA-202009-9 chromium multiple issues
References
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html