AVG-1323 log

Package chromium
Status Fixed
Severity High
Type multiple issues
Affected 87.0.4280.66-1
Fixed 87.0.4280.88-1
Current 129.0.6668.100-1 [extra]
Ticket None
Created Sun Dec 6 09:03:21 2020
Issue Severity Remote Type Description
CVE-2020-16042 High Yes Information disclosure
An uninitialized use security issue has been found in the V8 component of the chromium browser before version 87.0.4280.88 and Firefox before 84.0.
CVE-2020-16041 Medium Yes Denial of service
An out of bounds read security issue has been found in the networking component of the chromium browser before version 87.0.4280.88.
CVE-2020-16040 High Yes Insufficient validation
An insufficient data validation security issue has been found in the V8 component of the chromium browser before version 87.0.4280.88.
CVE-2020-16039 High Yes Arbitrary code execution
A use after free security issue has been found in the extensions component of the chromium browser before version 87.0.4280.88.
CVE-2020-16038 High Yes Arbitrary code execution
A use after free security issue has been found in the media component of the chromium browser before version 87.0.4280.88.
CVE-2020-16037 High Yes Arbitrary code execution
A use after free security issue has been found in the clipboard component of the chromium browser before version 87.0.4280.88.
Date Advisory Package Type
09 Dec 2020 ASA-202012-14 chromium multiple issues
References
https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html