Vulnerability   
Search   
    Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.704714
Category:Debian Local Security Checks
Title:Debian: Security Advisory for chromium (DSA-4714-1)
Summary:The remote host is missing an update for the 'chromium'; package(s) announced via the DSA-4714-1 advisory.
Description:Summary:
The remote host is missing an update for the 'chromium'
package(s) announced via the DSA-4714-1 advisory.

Vulnerability Insight:
Several vulnerabilities have been discovered in the chromium web browser.

CVE-2020-6423
A use-after-free issue was found in the audio implementation.

CVE-2020-6430
Avihay Cohen discovered a type confusion issue in the v8 javascript
library.

CVE-2020-6431
Luan Herrera discovered a policy enforcement error.

CVE-2020-6432
Luan Herrera discovered a policy enforcement error.

CVE-2020-6433
Luan Herrera discovered a policy enforcement error in extensions.

CVE-2020-6434
HyungSeok Han discovered a use-after-free issue in the developer tools.

CVE-2020-6435
Sergei Glazunov discovered a policy enforcement error in extensions.

CVE-2020-6436
Igor Bukanov discovered a use-after-free issue.

CVE-2020-6437
Jann Horn discovered an implementation error in WebView.

CVE-2020-6438
Ng Yik Phang discovered a policy enforcement error in extensions.

CVE-2020-6439
remkoboonstra discovered a policy enforcement error.

CVE-2020-6440
David Erceg discovered an implementation error in extensions.

CVE-2020-6441
David Erceg discovered a policy enforcement error.

CVE-2020-6442
B@rMey discovered an implementation error in the page cache.

CVE-2020-6443
@lovasoa discovered an implementation error in the developer tools.

CVE-2020-6444
mlfbrown discovered an uninitialized variable in the WebRTC
implementation.

CVE-2020-6445
Jun Kokatsu discovered a policy enforcement error.

CVE-2020-6446
Jun Kokatsu discovered a policy enforcement error.

CVE-2020-6447
David Erceg discovered an implementation error in the developer tools.

CVE-2020-6448
Guang Gong discovered a use-after-free issue in the v8 javascript library.

CVE-2020-6454
Leecraso and Guang Gong discovered a use-after-free issue in extensions.

CVE-2020-6455
Nan Wang and Guang Gong discovered an out-of-bounds read issue in the
WebSQL implementation.

CVE-2020-6456
Micha? Bentkowski discovered insufficient validation of untrusted input.

CVE-2020-6457
Leecraso and Guang Gong discovered a use-after-free issue in the speech
recognizer.

CVE-2020-6458
Aleksandar Nikolic discoved an out-of-bounds read and write issue in the
pdfium library.

CVE-2020-6459
Zhe Jin discovered a use-after-free issue in the payments implementation.

CVE-2020-6460
It was discovered that URL formatting was insufficiently validated.

CVE-2020-6461
Zhe Jin discovered a use-after-free issue.

CVE-2020-6462
Zhe Jin discovered a use-after-free issue in task scheduling.

CVE-2020-6463
Pawel Wylecial discovered a use-after-free issue in the ANGLE library.

CVE-2020-6464
Looben Yang discovered a type confusion issue in Blink/Webkit.

CVE-2020-6465
Woojin Oh discovered a use-after-free iss ...

Description truncated. Please see the references for more information.

Affected Software/OS:
'chromium' package(s) on Debian Linux.

Solution:
For the oldstable distribution (stretch), security support for chromium
has been discontinued.

For the stable distribution (buster), these problems have been fixed in
version 83.0.4103.116-1~
deb10u1.

We recommend that you upgrade your chromium packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-6423
Debian Security Information: DSA-4714 (Google Search)
https://www.debian.org/security/2020/dsa-4714
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
https://crbug.com/1043446
SuSE Security Announcement: openSUSE-SU-2020:0519 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html
SuSE Security Announcement: openSUSE-SU-2020:0540 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-6430
https://crbug.com/1031479
Common Vulnerability Exposure (CVE) ID: CVE-2020-6431
https://crbug.com/852645
Common Vulnerability Exposure (CVE) ID: CVE-2020-6432
https://crbug.com/965611
Common Vulnerability Exposure (CVE) ID: CVE-2020-6433
https://crbug.com/1043965
Common Vulnerability Exposure (CVE) ID: CVE-2020-6434
https://crbug.com/1048555
Common Vulnerability Exposure (CVE) ID: CVE-2020-6435
https://crbug.com/1032158
Common Vulnerability Exposure (CVE) ID: CVE-2020-6436
https://crbug.com/1034519
Common Vulnerability Exposure (CVE) ID: CVE-2020-6437
https://crbug.com/639173
Common Vulnerability Exposure (CVE) ID: CVE-2020-6438
https://crbug.com/714617
Common Vulnerability Exposure (CVE) ID: CVE-2020-6439
https://crbug.com/868145
Common Vulnerability Exposure (CVE) ID: CVE-2020-6440
https://crbug.com/894477
Common Vulnerability Exposure (CVE) ID: CVE-2020-6441
https://crbug.com/959571
Common Vulnerability Exposure (CVE) ID: CVE-2020-6442
https://crbug.com/1013906
Common Vulnerability Exposure (CVE) ID: CVE-2020-6443
https://crbug.com/1040080
Common Vulnerability Exposure (CVE) ID: CVE-2020-6444
https://crbug.com/922882
Common Vulnerability Exposure (CVE) ID: CVE-2020-6445
https://crbug.com/933171
Common Vulnerability Exposure (CVE) ID: CVE-2020-6446
https://crbug.com/933172
Common Vulnerability Exposure (CVE) ID: CVE-2020-6447
https://crbug.com/991217
Common Vulnerability Exposure (CVE) ID: CVE-2020-6448
https://crbug.com/1037872
Common Vulnerability Exposure (CVE) ID: CVE-2020-6454
https://crbug.com/1019161
Common Vulnerability Exposure (CVE) ID: CVE-2020-6455
https://crbug.com/1059669
Common Vulnerability Exposure (CVE) ID: CVE-2020-6456
https://crbug.com/1040755
Common Vulnerability Exposure (CVE) ID: CVE-2020-6457
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_15.html
https://crbug.com/1067851
Common Vulnerability Exposure (CVE) ID: CVE-2020-6458
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html
https://crbug.com/1067270
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1044
Common Vulnerability Exposure (CVE) ID: CVE-2020-6459
https://crbug.com/1065298
Common Vulnerability Exposure (CVE) ID: CVE-2020-6460
https://crbug.com/1063566
Common Vulnerability Exposure (CVE) ID: CVE-2020-6461
https://security.gentoo.org/glsa/202005-13
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html
https://crbug.com/1072983
Common Vulnerability Exposure (CVE) ID: CVE-2020-6462
https://crbug.com/1064891
Common Vulnerability Exposure (CVE) ID: CVE-2020-6463
Debian Security Information: DSA-4736 (Google Search)
https://www.debian.org/security/2020/dsa-4736
Debian Security Information: DSA-4740 (Google Search)
https://www.debian.org/security/2020/dsa-4740
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQYH5OK7O4BU6E37WWG5SEEHV65BFSGR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFZ5N4EK6I4ZJP5YSKLLVN3ELXEB4XT/
https://security.gentoo.org/glsa/202007-60
https://security.gentoo.org/glsa/202007-64
https://crbug.com/1065186
https://lists.debian.org/debian-lts-announce/2020/07/msg00027.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00006.html
SuSE Security Announcement: openSUSE-SU-2020:0823 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html
SuSE Security Announcement: openSUSE-SU-2020:0832 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html
SuSE Security Announcement: openSUSE-SU-2020:1147 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00008.html
SuSE Security Announcement: openSUSE-SU-2020:1155 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00011.html
SuSE Security Announcement: openSUSE-SU-2020:1179 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html
SuSE Security Announcement: openSUSE-SU-2020:1189 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html
SuSE Security Announcement: openSUSE-SU-2020:1205 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html
https://usn.ubuntu.com/4443-1/
Common Vulnerability Exposure (CVE) ID: CVE-2020-6464
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop.html
https://crbug.com/1071059
SuSE Security Announcement: openSUSE-SU-2020:0709 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00056.html
SuSE Security Announcement: openSUSE-SU-2020:0917 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-6465
https://security.gentoo.org/glsa/202006-02
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html
https://crbug.com/1073015
Common Vulnerability Exposure (CVE) ID: CVE-2020-6466
https://crbug.com/1074706
Common Vulnerability Exposure (CVE) ID: CVE-2020-6467
https://crbug.com/1068084
Common Vulnerability Exposure (CVE) ID: CVE-2020-6468
https://crbug.com/1076708
Common Vulnerability Exposure (CVE) ID: CVE-2020-6469
https://crbug.com/1067382
Common Vulnerability Exposure (CVE) ID: CVE-2020-6470
https://crbug.com/1065761
Common Vulnerability Exposure (CVE) ID: CVE-2020-6471
https://crbug.com/1059577
Common Vulnerability Exposure (CVE) ID: CVE-2020-6472
https://crbug.com/1064519
Common Vulnerability Exposure (CVE) ID: CVE-2020-6473
https://crbug.com/1049510
Common Vulnerability Exposure (CVE) ID: CVE-2020-6474
https://crbug.com/1059533
Common Vulnerability Exposure (CVE) ID: CVE-2020-6475
https://crbug.com/1020026
Common Vulnerability Exposure (CVE) ID: CVE-2020-6476
https://crbug.com/1035315
Common Vulnerability Exposure (CVE) ID: CVE-2020-6478
https://crbug.com/1037730
Common Vulnerability Exposure (CVE) ID: CVE-2020-6479
https://crbug.com/1041749
Common Vulnerability Exposure (CVE) ID: CVE-2020-6480
https://crbug.com/1054966
Common Vulnerability Exposure (CVE) ID: CVE-2020-6481
https://crbug.com/1068531
Common Vulnerability Exposure (CVE) ID: CVE-2020-6482
https://crbug.com/795595
Common Vulnerability Exposure (CVE) ID: CVE-2020-6483
https://crbug.com/966507
Common Vulnerability Exposure (CVE) ID: CVE-2020-6484
https://crbug.com/1045787
Common Vulnerability Exposure (CVE) ID: CVE-2020-6485
https://crbug.com/1047285
Common Vulnerability Exposure (CVE) ID: CVE-2020-6486
https://crbug.com/1055524
Common Vulnerability Exposure (CVE) ID: CVE-2020-6487
https://crbug.com/539938
Common Vulnerability Exposure (CVE) ID: CVE-2020-6488
https://crbug.com/1044277
Common Vulnerability Exposure (CVE) ID: CVE-2020-6489
https://crbug.com/1050756
Common Vulnerability Exposure (CVE) ID: CVE-2020-6490
https://crbug.com/1035887
Common Vulnerability Exposure (CVE) ID: CVE-2020-6491
https://crbug.com/1050011
Common Vulnerability Exposure (CVE) ID: CVE-2020-6493
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
https://crbug.com/1082105
Common Vulnerability Exposure (CVE) ID: CVE-2020-6494
https://crbug.com/1083972
Common Vulnerability Exposure (CVE) ID: CVE-2020-6495
https://crbug.com/1072116
Common Vulnerability Exposure (CVE) ID: CVE-2020-6496
https://crbug.com/1085990
Common Vulnerability Exposure (CVE) ID: CVE-2020-6497
https://crbug.com/1069246
Common Vulnerability Exposure (CVE) ID: CVE-2020-6498
https://crbug.com/1081081
Common Vulnerability Exposure (CVE) ID: CVE-2020-6505
https://security.gentoo.org/glsa/202007-08
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html
https://crbug.com/1081350
Common Vulnerability Exposure (CVE) ID: CVE-2020-6506
https://crbug.com/1083819
https://lists.apache.org/thread.html/r2769c33da7f7ece7e4e31837c1e1839d6657c7c13bb8d228670b8da0@%3Cissues.cordova.apache.org%3E
https://lists.apache.org/thread.html/r1eadf38b38ee20405811958c8a01f78d6b28e058c84c9fa6c1a8663d@%3Cissues.cordova.apache.org%3E
https://lists.apache.org/thread.html/r1ab80f8591d5c2147898076e3945dad1c897513630aabec556883275@%3Cissues.cordova.apache.org%3E
Common Vulnerability Exposure (CVE) ID: CVE-2020-6507
https://crbug.com/1086890
Common Vulnerability Exposure (CVE) ID: CVE-2020-6509
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_22.html
https://crbug.com/1092308
SuSE Security Announcement: openSUSE-SU-2020:1032 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00040.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-6831
http://packetstormsecurity.com/files/158480/usrsctp-Stack-Buffer-Overflow.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1632241
https://security.gentoo.org/glsa/202005-03
https://security.gentoo.org/glsa/202005-04
https://www.mozilla.org/security/advisories/mfsa2020-16/
https://www.mozilla.org/security/advisories/mfsa2020-17/
https://www.mozilla.org/security/advisories/mfsa2020-18/
https://usn.ubuntu.com/4373-1/
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.