AVG-1238 log

Package chromium
Status Fixed
Severity Critical
Type multiple issues
Affected 85.0.4183.121-1
Fixed 86.0.4240.75-1
Current 130.0.6723.116-1 [extra]
Ticket None
Created Sat Oct 10 13:23:35 2020
Issue Severity Remote Type Description
CVE-2020-15992 Medium Yes Access restriction bypass 
An insufficient policy enforcement security issue has been found in the networking component of the chromium browser before 86.0.4240.75.
CVE-2020-15991 High Yes Arbitrary code execution 
A use after free security issue has been found in the password manager component of the chromium browser before 86.0.4240.75.
CVE-2020-15990 High Yes Arbitrary code execution 
A use after free security issue has been found in the autofill component of the chromium browser before 86.0.4240.75.
CVE-2020-15989 Low Yes Information disclosure 
An uninitialized use security issue has been found in the PDFium component of the chromium browser before 86.0.4240.75.
CVE-2020-15988 Low Yes Access restriction bypass 
An insufficient policy enforcement security issue has been found in the downloads component of the chromium browser before 86.0.4240.75.
CVE-2020-15987 Medium Yes Arbitrary code execution 
A use after free security issue has been found in the WebRTC component of the chromium browser before 86.0.4240.75.
CVE-2020-15986 Medium Yes Arbitrary code execution 
An integer overflow security issue has been found in the media component of the chromium browser before 86.0.4240.75.
CVE-2020-15985 Medium Yes Access restriction bypass 
An inappropriate implementation security issue has been found in the Blink component of the chromium browser before 86.0.4240.75.
CVE-2020-15984 Medium Yes Access restriction bypass 
An insufficient policy enforcement security issue has been found in the Omnibox component of the chromium browser before 86.0.4240.75.
CVE-2020-15983 Medium Yes Insufficient validation 
An insufficient data validation security issue has been found in the webUI component of the chromium browser before 86.0.4240.75.
CVE-2020-15982 Medium Yes Information disclosure 
A side-channel information leakage security issue has been found in the cache component of the chromium browser before 86.0.4240.75.
CVE-2020-15981 Medium Yes Information disclosure 
An out of bounds read security issue has been found in the audio component of the chromium browser before 86.0.4240.75.
CVE-2020-15980 Medium Yes Access restriction bypass 
An insufficient policy enforcement security issue has been found in the Intents component of the chromium browser before 86.0.4240.75.
CVE-2020-15979 Medium Yes Access restriction bypass 
An inappropriate implementation security issue has been found in the V8 component of the chromium browser before 86.0.4240.75.
CVE-2020-15978 Medium Yes Insufficient validation 
An insufficient data validation security issue has been found in the navigation component of the chromium browser before 86.0.4240.75.
CVE-2020-15977 Medium Yes Insufficient validation 
An insufficient data validation security issue has been found in the dialogs component of the chromium browser before 86.0.4240.75.
CVE-2020-15976 Medium Yes Arbitrary code execution 
A use after free security issue has been found in the WebXR component of the chromium browser before 86.0.4240.75.
CVE-2020-15975 Medium Yes Arbitrary code execution 
An integer overflow security issue has been found in the SwiftShader component of the chromium browser before 86.0.4240.75.
CVE-2020-15974 Medium Yes Arbitrary code execution 
An integer overflow security issue has been found in the Blink component of the chromium browser before 86.0.4240.75.
CVE-2020-15973 Medium Yes Access restriction bypass 
An insufficient policy enforcement security issue has been found in the extensions component of the chromium browser before 86.0.4240.75.
CVE-2020-15972 High Yes Arbitrary code execution 
A use after free security issue has been found in the audio component of the chromium browser before 86.0.4240.75.
CVE-2020-15971 High Yes Arbitrary code execution 
A use after free security issue has been found in the printing component of the chromium browser before 86.0.4240.75.
CVE-2020-15970 High Yes Arbitrary code execution 
A use after free security issue has been found in the NFC component of the chromium browser before 86.0.4240.75.
CVE-2020-15969 High Yes Arbitrary code execution 
A use after free security issue has been found in the WebRTC component of the chromium browser before 86.0.4240.75 and of Firefox before 82.0.
CVE-2020-15968 High Yes Arbitrary code execution 
A use after free security issue has been found in the Blink component of the chromium browser before 86.0.4240.75.
CVE-2020-15967 Critical Yes Arbitrary code execution 
A use after free security issue has been found in the payments component of the chromium browser before 86.0.4240.75.
CVE-2020-6557 Medium Yes Access restriction bypass 
An inappropriate implementation security issue has been found in the networking component of the chromium browser before 86.0.4240.75.
Date Advisory Package Type
10 Oct 2020 ASA-202010-1 chromium multiple issues
References 
https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html