CVE-2020-6452 - Vulnerability Details

Vendors	Products
Fedoraproject	Fedora
Google	Chrome
Opensuse	Backports Leap
Redhat	Rhel Extras

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6 Supplementary
chromium-browser-0:80.0.3987.162-1.el6_10	cpe:/a:redhat:rhel_extras:6	RHSA-2020:1350	2020-04-07T00:00:00Z

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html
https://crbug.com/1059764
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/
https://nvd.nist.gov/vuln/detail/CVE-2020-6452
https://www.cve.org/CVERecord?id=CVE-2020-6452

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Chrome", "vendor": "Google", "versions": [{"lessThan": "80.0.3987.162", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}], "problemTypes": [{"descriptions": [{"description": "Heap buffer overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-19T02:06:12", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html"}, {"tags": ["x_refsource_MISC"], "url": "https://crbug.com/1059764"}, {"name": "openSUSE-SU-2020:0519", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html"}, {"name": "FEDORA-2020-b2df49bb01", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/"}, {"name": "FEDORA-2020-161c87cbc7", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/"}, {"name": "openSUSE-SU-2020:0540", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2020-6452", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Chrome", "version": {"version_data": [{"version_affected": "<", "version_value": "80.0.3987.162"}]}}]}, "vendor_name": "Google"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap buffer overflow"}]}]}, "references": {"reference_data": [{"name": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html"}, {"name": "https://crbug.com/1059764", "refsource": "MISC", "url": "https://crbug.com/1059764"}, {"name": "openSUSE-SU-2020:0519", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html"}, {"name": "FEDORA-2020-b2df49bb01", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/"}, {"name": "FEDORA-2020-161c87cbc7", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/"}, {"name": "openSUSE-SU-2020:0540", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:02:40.718Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://crbug.com/1059764"}, {"name": "openSUSE-SU-2020:0519", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html"}, {"name": "FEDORA-2020-b2df49bb01", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/"}, {"name": "FEDORA-2020-161c87cbc7", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/"}, {"name": "openSUSE-SU-2020:0540", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2020-6452", "datePublished": "2020-04-13T17:31:02", "dateReserved": "2020-01-08T00:00:00", "dateUpdated": "2024-08-04T09:02:40.718Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Chrome (string)

vendor : Google (string)

versions : [ »

0 : { »

lessThan : 80.0.3987.162 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Heap buffer overflow (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-04-19T02:06:12 (string)

orgId : ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28 (string)

shortName : Chrome (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://crbug.com/1059764 (string)

}

2 : { »

name : openSUSE-SU-2020:0519 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html (string)

}

3 : { »

name : FEDORA-2020-b2df49bb01 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/ (string)

}

4 : { »

name : FEDORA-2020-161c87cbc7 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/ (string)

}

5 : { »

name : openSUSE-SU-2020:0540 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : chrome-cve-admin@google.com (string)

ID : CVE-2020-6452 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Chrome (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 80.0.3987.162 (string)

}

]

}

]

}

vendor_name : Google (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Heap buffer overflow (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html (string)

refsource : MISC (string)

url : https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html (string)

}

1 : { »

name : https://crbug.com/1059764 (string)

refsource : MISC (string)

url : https://crbug.com/1059764 (string)

}

2 : { »

name : openSUSE-SU-2020:0519 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html (string)

}

3 : { »

name : FEDORA-2020-b2df49bb01 (string)

refsource : FEDORA (string)

url : https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/ (string)

}

4 : { »

name : FEDORA-2020-161c87cbc7 (string)

refsource : FEDORA (string)

url : https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/ (string)

}

5 : { »

name : openSUSE-SU-2020:0540 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T09:02:40.718Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://crbug.com/1059764 (string)

}

2 : { »

name : openSUSE-SU-2020:0519 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html (string)

}

3 : { »

name : FEDORA-2020-b2df49bb01 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/ (string)

}

4 : { »

name : FEDORA-2020-161c87cbc7 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/ (string)

}

5 : { »

name : openSUSE-SU-2020:0540 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28 (string)

assignerShortName : Chrome (string)

cveId : CVE-2020-6452 (string)

datePublished : 2020-04-13T17:31:02 (string)

dateReserved : 2020-01-08T00:00:00 (string)

dateUpdated : 2024-08-04T09:02:40.718Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "02AA21FD-4513-45EC-B4C7-1561690D30EA", "versionEndExcluding": "80.0.3987.162", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", "matchCriteriaId": "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer de la pila (heap) en media en Google Chrome versiones anteriores a  80.0.3987.162, permiti\u00f3 a un atacante remoto explotar potencialmente una corrupci\u00f3n de la pila (heap) por medio de una p\u00e1gina HTML dise\u00f1ada."}], "id": "CVE-2020-6452", "lastModified": "2024-11-21T05:35:45.420", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-13T18:15:12.890", "references": [{"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://crbug.com/1059764"}, {"source": "chrome-cve-admin@google.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/"}, {"source": "chrome-cve-admin@google.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://crbug.com/1059764"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 02AA21FD-4513-45EC-B4C7-1561690D30EA (string)

versionEndExcluding : 80.0.3987.162 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* (string)

matchCriteriaId : 97A4B8DF-58DA-4AB6-A1F9-331B36409BA3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* (string)

matchCriteriaId : 80F0FA5D-8D3B-4C0E-81E2-87998286AF33 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:* (string)

matchCriteriaId : C84D9410-31B7-421A-AD99-8ED2E45A9BC6 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* (string)

matchCriteriaId : B620311B-34A3-48A6-82DF-6F078D7A4493 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (string)

}

1 : { »

lang : es (string)

value : Un desbordamiento de búfer de la pila (heap) en media en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. (string)

}

]

id : CVE-2020-6452 (string)

lastModified : 2024-11-21T05:35:45.420 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-04-13T18:15:12.890 (string)

references : [ »

0 : { »

source : chrome-cve-admin@google.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html (string)

}

1 : { »

source : chrome-cve-admin@google.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html (string)

}

2 : { »

source : chrome-cve-admin@google.com (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html (string)

}

3 : { »

source : chrome-cve-admin@google.com (string)

tags : [ »

0 : Permissions Required (string)

1 : Vendor Advisory (string)

]

url : https://crbug.com/1059764 (string)

}

4 : { »

source : chrome-cve-admin@google.com (string)

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/ (string)

}

5 : { »

source : chrome-cve-admin@google.com (string)

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/ (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Permissions Required (string)

1 : Vendor Advisory (string)

]

url : https://crbug.com/1059764 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/ (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/ (string)

}

]

sourceIdentifier : chrome-cve-admin@google.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-787 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object