Debian Local Security Checks : Debian: Security Advisory (DSA-4638-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.704638
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-4638-1)
Summary:	The remote host is missing an update for the Debian 'chromium' package(s) announced via the DSA-4638-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'chromium' package(s) announced via the DSA-4638-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-19880 Richard Lorenz discovered an issue in the sqlite library. CVE-2019-19923 Richard Lorenz discovered an out-of-bounds read issue in the sqlite library. CVE-2019-19925 Richard Lorenz discovered an issue in the sqlite library. CVE-2019-19926 Richard Lorenz discovered an implementation error in the sqlite library. CVE-2020-6381 UK's National Cyber Security Centre discovered an integer overflow issue in the v8 javascript library. CVE-2020-6382 Soyeon Park and Wen Xu discovered a type error in the v8 javascript library. CVE-2020-6383 Sergei Glazunov discovered a type error in the v8 javascript library. CVE-2020-6384 David Manoucheri discovered a use-after-free issue in WebAudio. CVE-2020-6385 Sergei Glazunov discovered a policy enforcement error. CVE-2020-6386 Zhe Jin discovered a use-after-free issue in speech processing. CVE-2020-6387 Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation. CVE-2020-6388 Sergei Glazunov discovered an out-of-bounds read error in the WebRTC implementation. CVE-2020-6389 Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation. CVE-2020-6390 Sergei Glazunov discovered an out-of-bounds read error. CVE-2020-6391 Michal Bentkowski discoverd that untrusted input was insufficiently validated. CVE-2020-6392 The Microsoft Edge Team discovered a policy enforcement error. CVE-2020-6393 Mark Amery discovered a policy enforcement error. CVE-2020-6394 Phil Freo discovered a policy enforcement error. CVE-2020-6395 Pierre Langlois discovered an out-of-bounds read error in the v8 javascript library. CVE-2020-6396 William Luc Ritchie discovered an error in the skia library. CVE-2020-6397 Khalil Zhani discovered a user interface error. CVE-2020-6398 pdknsk discovered an uninitialized variable in the pdfium library. CVE-2020-6399 Luan Herrera discovered a policy enforcement error. CVE-2020-6400 Takashi Yoneuchi discovered an error in Cross-Origin Resource Sharing. CVE-2020-6401 Tzachy Horesh discovered that user input was insufficiently validated. CVE-2020-6402 Vladimir Metnew discovered a policy enforcement error. CVE-2020-6403 Khalil Zhani discovered a user interface error. CVE-2020-6404 kanchi discovered an error in Blink/Webkit. CVE-2020-6405 Yongheng Chen and Rui Zhong discovered an out-of-bounds read issue in the sqlite library. CVE-2020-6406 Sergei Glazunov discovered a use-after-free issue. CVE-2020-6407 Sergei Glazunov discovered an out-of-bounds read error. CVE-2020-6408 Zhong Zhaochen discovered a policy enforcement error in Cross-Origin Resource Sharing. CVE-2020-6409 Divagar S and Bharathi V discovered an error in the omnibox implementation. CVE-2020-6410 evil1m0 discovered a policy enforcement error. CVE-2020-6411 Khalil Zhani ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'chromium' package(s) on Debian 10. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-19880 Debian Security Information: DSA-4638 (Google Search) https://www.debian.org/security/2020/dsa-4638 https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54 https://www.oracle.com/security-alerts/cpuapr2020.html RedHat Security Advisories: RHSA-2020:0514 https://access.redhat.com/errata/RHSA-2020:0514 SuSE Security Announcement: openSUSE-SU-2020:0189 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html SuSE Security Announcement: openSUSE-SU-2020:0210 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html SuSE Security Announcement: openSUSE-SU-2020:0233 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://usn.ubuntu.com/4298-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-19923 https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35 Common Vulnerability Exposure (CVE) ID: CVE-2019-19925 https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618 Common Vulnerability Exposure (CVE) ID: CVE-2019-19926 https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089 https://usn.ubuntu.com/4298-2/ Common Vulnerability Exposure (CVE) ID: CVE-2020-6381 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/ https://security.gentoo.org/glsa/202003-08 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/1034394 Common Vulnerability Exposure (CVE) ID: CVE-2020-6382 https://crbug.com/1031909 Common Vulnerability Exposure (CVE) ID: CVE-2020-6383 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_18.html https://crbug.com/1051017 RedHat Security Advisories: RHSA-2020:0738 https://access.redhat.com/errata/RHSA-2020:0738 Common Vulnerability Exposure (CVE) ID: CVE-2020-6384 https://crbug.com/1048473 Common Vulnerability Exposure (CVE) ID: CVE-2020-6385 https://crbug.com/1035399 Common Vulnerability Exposure (CVE) ID: CVE-2020-6386 https://crbug.com/1043603 Common Vulnerability Exposure (CVE) ID: CVE-2020-6387 https://crbug.com/1042535 Common Vulnerability Exposure (CVE) ID: CVE-2020-6388 http://packetstormsecurity.com/files/157376/Chrome-AudioArray-Allocate-Data-Race-Out-Of-Bounds-Access.html https://crbug.com/1042879 Common Vulnerability Exposure (CVE) ID: CVE-2020-6389 https://crbug.com/1042933 Common Vulnerability Exposure (CVE) ID: CVE-2020-6390 http://packetstormsecurity.com/files/157419/Chrome-ReadableStream-Close-Out-Of-Bounds-Access.html https://crbug.com/1045874 Common Vulnerability Exposure (CVE) ID: CVE-2020-6391 https://crbug.com/1017871 Common Vulnerability Exposure (CVE) ID: CVE-2020-6392 https://crbug.com/1030411 Common Vulnerability Exposure (CVE) ID: CVE-2020-6393 https://crbug.com/1035058 Common Vulnerability Exposure (CVE) ID: CVE-2020-6394 https://crbug.com/1014371 Common Vulnerability Exposure (CVE) ID: CVE-2020-6395 https://crbug.com/1022855 Common Vulnerability Exposure (CVE) ID: CVE-2020-6396 https://crbug.com/1035271 Common Vulnerability Exposure (CVE) ID: CVE-2020-6397 https://crbug.com/1027408 Common Vulnerability Exposure (CVE) ID: CVE-2020-6398 https://crbug.com/1032090 Common Vulnerability Exposure (CVE) ID: CVE-2020-6399 https://crbug.com/1039869 Common Vulnerability Exposure (CVE) ID: CVE-2020-6400 https://crbug.com/1038036 Common Vulnerability Exposure (CVE) ID: CVE-2020-6401 https://crbug.com/1017707 Common Vulnerability Exposure (CVE) ID: CVE-2020-6402 https://crbug.com/1029375 Common Vulnerability Exposure (CVE) ID: CVE-2020-6403 https://crbug.com/1006012 Common Vulnerability Exposure (CVE) ID: CVE-2020-6404 https://crbug.com/1024256 Common Vulnerability Exposure (CVE) ID: CVE-2020-6405 https://crbug.com/1042145 Common Vulnerability Exposure (CVE) ID: CVE-2020-6406 https://crbug.com/1042254 Common Vulnerability Exposure (CVE) ID: CVE-2020-6407 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html https://crbug.com/1045931 Common Vulnerability Exposure (CVE) ID: CVE-2020-6408 https://crbug.com/1026546 Common Vulnerability Exposure (CVE) ID: CVE-2020-6409 https://crbug.com/1037889 Common Vulnerability Exposure (CVE) ID: CVE-2020-6410 https://crbug.com/881675 Common Vulnerability Exposure (CVE) ID: CVE-2020-6411 https://crbug.com/929711 Common Vulnerability Exposure (CVE) ID: CVE-2020-6412 https://crbug.com/968505 Common Vulnerability Exposure (CVE) ID: CVE-2020-6413 https://crbug.com/1005713 Common Vulnerability Exposure (CVE) ID: CVE-2020-6414 https://crbug.com/1021855 Common Vulnerability Exposure (CVE) ID: CVE-2020-6415 https://crbug.com/1029576 Common Vulnerability Exposure (CVE) ID: CVE-2020-6416 https://crbug.com/1031895 Common Vulnerability Exposure (CVE) ID: CVE-2020-6418 http://packetstormsecurity.com/files/156632/Google-Chrome-80-JSCreate-Side-Effect-Type-Confusion.html https://crbug.com/1053604 Common Vulnerability Exposure (CVE) ID: CVE-2020-6420 https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop.html https://crbug.com/1050996 Common Vulnerability Exposure (CVE) ID: CVE-2020-6499 https://crbug.com/999001 Common Vulnerability Exposure (CVE) ID: CVE-2020-6500 https://crbug.com/843095 Common Vulnerability Exposure (CVE) ID: CVE-2020-6501 https://crbug.com/990581 Common Vulnerability Exposure (CVE) ID: CVE-2020-6502 https://crbug.com/785159
Copyright	Copyright (C) 2020 Greenbone AG