Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.704638
Category:Debian Local Security Checks
Title:Debian: Security Advisory for chromium (DSA-4638-1)
Summary:The remote host is missing an update for the 'chromium'; package(s) announced via the DSA-4638-1 advisory.
Description:Summary:
The remote host is missing an update for the 'chromium'
package(s) announced via the DSA-4638-1 advisory.

Vulnerability Insight:
Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-19880
Richard Lorenz discovered an issue in the sqlite library.

CVE-2019-19923
Richard Lorenz discovered an out-of-bounds read issue in the sqlite
library.

CVE-2019-19925
Richard Lorenz discovered an issue in the sqlite library.

CVE-2019-19926
Richard Lorenz discovered an implementation error in the sqlite library.

CVE-2020-6381
UK's National Cyber Security Centre discovered an integer overflow issue
in the v8 javascript library.

CVE-2020-6382
Soyeon Park and Wen Xu discovered a type error in the v8 javascript
library.

CVE-2020-6383
Sergei Glazunov discovered a type error in the v8 javascript library.

CVE-2020-6384
David Manoucheri discovered a use-after-free issue in WebAudio.

CVE-2020-6385
Sergei Glazunov discovered a policy enforcement error.

CVE-2020-6386
Zhe Jin discovered a use-after-free issue in speech processing.

CVE-2020-6387
Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC
implementation.

CVE-2020-6388
Sergei Glazunov discovered an out-of-bounds read error in the WebRTC
implementation.

CVE-2020-6389
Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC
implementation.

CVE-2020-6390
Sergei Glazunov discovered an out-of-bounds read error.

CVE-2020-6391
Micha? Bentkowski discoverd that untrusted input was insufficiently
validated.

CVE-2020-6392
The Microsoft Edge Team discovered a policy enforcement error.

CVE-2020-6393
Mark Amery discovered a policy enforcement error.

CVE-2020-6394
Phil Freo discovered a policy enforcement error.

CVE-2020-6395
Pierre Langlois discovered an out-of-bounds read error in the v8
javascript library.

CVE-2020-6396
William Luc Ritchie discovered an error in the skia library.

CVE-2020-6397
Khalil Zhani discovered a user interface error.

CVE-2020-6398
pdknsk discovered an uninitialized variable in the pdfium library.

CVE-2020-6399
Luan Herrera discovered a policy enforcement error.

CVE-2020-6400
Takashi Yoneuchi discovered an error in Cross-Origin Resource Sharing.

CVE-2020-6401
Tzachy Horesh discovered that user input was insufficiently validated.

CVE-2020-6402
Vladimir Metnew discovered a policy enforcement error.

CVE-2020-6403
Khalil Zhani discovered a user interface error.

CVE-2020-6404
kanchi discovered an error in Blink/Webkit.

CVE-2020-6405
Yongheng Chen and Rui Zhong discovered an out-of-bounds read issue in the
sqlite library.

CVE-2020-6406
Sergei Glazunov discovered a use-after-free issue.

CVE-2020-6407
Sergei Glazunov discovered an out-of-bounds read error.

CVE-2020-6408
Zhong Zhao ...

Description truncated. Please see the references for more information.

Affected Software/OS:
'chromium' package(s) on Debian Linux.

Solution:
For the oldstable distribution (stretch), security support for chromium has
been discontinued.

For the stable distribution (buster), these problems have been fixed in
version 80.0.3987.132-1~
deb10u1.

We recommend that you upgrade your chromium packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-6381
Debian Security Information: DSA-4638 (Google Search)
https://www.debian.org/security/2020/dsa-4638
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/
https://security.gentoo.org/glsa/202003-08
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html
https://crbug.com/1034394
RedHat Security Advisories: RHSA-2020:0514
https://access.redhat.com/errata/RHSA-2020:0514
SuSE Security Announcement: openSUSE-SU-2020:0210 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html
SuSE Security Announcement: openSUSE-SU-2020:0233 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-6382
https://crbug.com/1031909
Common Vulnerability Exposure (CVE) ID: CVE-2020-6383
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_18.html
https://crbug.com/1051017
RedHat Security Advisories: RHSA-2020:0738
https://access.redhat.com/errata/RHSA-2020:0738
Common Vulnerability Exposure (CVE) ID: CVE-2020-6384
https://crbug.com/1048473
Common Vulnerability Exposure (CVE) ID: CVE-2020-6385
https://crbug.com/1035399
Common Vulnerability Exposure (CVE) ID: CVE-2020-6386
https://crbug.com/1043603
Common Vulnerability Exposure (CVE) ID: CVE-2020-6387
https://crbug.com/1042535
Common Vulnerability Exposure (CVE) ID: CVE-2020-6388
http://packetstormsecurity.com/files/157376/Chrome-AudioArray-Allocate-Data-Race-Out-Of-Bounds-Access.html
https://crbug.com/1042879
Common Vulnerability Exposure (CVE) ID: CVE-2020-6389
https://crbug.com/1042933
Common Vulnerability Exposure (CVE) ID: CVE-2020-6390
http://packetstormsecurity.com/files/157419/Chrome-ReadableStream-Close-Out-Of-Bounds-Access.html
https://crbug.com/1045874
Common Vulnerability Exposure (CVE) ID: CVE-2020-6391
https://crbug.com/1017871
Common Vulnerability Exposure (CVE) ID: CVE-2020-6392
https://crbug.com/1030411
Common Vulnerability Exposure (CVE) ID: CVE-2020-6393
https://crbug.com/1035058
Common Vulnerability Exposure (CVE) ID: CVE-2020-6394
https://crbug.com/1014371
Common Vulnerability Exposure (CVE) ID: CVE-2020-6395
https://crbug.com/1022855
Common Vulnerability Exposure (CVE) ID: CVE-2020-6396
https://crbug.com/1035271
Common Vulnerability Exposure (CVE) ID: CVE-2020-6397
https://crbug.com/1027408
Common Vulnerability Exposure (CVE) ID: CVE-2020-6398
https://crbug.com/1032090
Common Vulnerability Exposure (CVE) ID: CVE-2020-6399
https://crbug.com/1039869
Common Vulnerability Exposure (CVE) ID: CVE-2020-6400
https://crbug.com/1038036
Common Vulnerability Exposure (CVE) ID: CVE-2020-6401
https://crbug.com/1017707
Common Vulnerability Exposure (CVE) ID: CVE-2020-6402
https://crbug.com/1029375
Common Vulnerability Exposure (CVE) ID: CVE-2020-6403
https://crbug.com/1006012
Common Vulnerability Exposure (CVE) ID: CVE-2020-6404
https://crbug.com/1024256
Common Vulnerability Exposure (CVE) ID: CVE-2020-6405
https://crbug.com/1042145
Common Vulnerability Exposure (CVE) ID: CVE-2020-6406
https://crbug.com/1042254
Common Vulnerability Exposure (CVE) ID: CVE-2020-6407
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
https://crbug.com/1045931
Common Vulnerability Exposure (CVE) ID: CVE-2020-6408
https://crbug.com/1026546
Common Vulnerability Exposure (CVE) ID: CVE-2020-6409
https://crbug.com/1037889
Common Vulnerability Exposure (CVE) ID: CVE-2020-6410
https://crbug.com/881675
Common Vulnerability Exposure (CVE) ID: CVE-2020-6411
https://crbug.com/929711
Common Vulnerability Exposure (CVE) ID: CVE-2020-6412
https://crbug.com/968505
Common Vulnerability Exposure (CVE) ID: CVE-2020-6413
https://crbug.com/1005713
Common Vulnerability Exposure (CVE) ID: CVE-2020-6414
https://crbug.com/1021855
Common Vulnerability Exposure (CVE) ID: CVE-2020-6415
https://crbug.com/1029576
Common Vulnerability Exposure (CVE) ID: CVE-2020-6416
https://crbug.com/1031895
Common Vulnerability Exposure (CVE) ID: CVE-2020-6418
http://packetstormsecurity.com/files/156632/Google-Chrome-80-JSCreate-Side-Effect-Type-Confusion.html
https://crbug.com/1053604
Common Vulnerability Exposure (CVE) ID: CVE-2020-6420
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop.html
https://crbug.com/1050996
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.