diff --git a/2020/6xxx/CVE-2020-6505.json b/2020/6xxx/CVE-2020-6505.json index c1b9fe085fe..70e8645fba0 100644 --- a/2020/6xxx/CVE-2020-6505.json +++ b/2020/6xxx/CVE-2020-6505.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6505", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "83.0.4103.106", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1081350" + }, + { + "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6506.json b/2020/6xxx/CVE-2020-6506.json index 2358e97dc09..1eb88159f03 100644 --- a/2020/6xxx/CVE-2020-6506.json +++ b/2020/6xxx/CVE-2020-6506.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6506", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "83.0.4103.106", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient policy enforcement" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1083819" + }, + { + "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6507.json b/2020/6xxx/CVE-2020-6507.json index 6ba19e4dcde..d1b93294861 100644 --- a/2020/6xxx/CVE-2020-6507.json +++ b/2020/6xxx/CVE-2020-6507.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6507", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "83.0.4103.106", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out of bounds write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1086890" + }, + { + "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6509.json b/2020/6xxx/CVE-2020-6509.json index 9a989d52215..37df8bd236c 100644 --- a/2020/6xxx/CVE-2020-6509.json +++ b/2020/6xxx/CVE-2020-6509.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6509", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "83.0.4103.116", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1092308" + }, + { + "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_22.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension." } ] } diff --git a/2020/6xxx/CVE-2020-6510.json b/2020/6xxx/CVE-2020-6510.json index 66d0374ed4f..97e835f6100 100644 --- a/2020/6xxx/CVE-2020-6510.json +++ b/2020/6xxx/CVE-2020-6510.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6510", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1103195" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6511.json b/2020/6xxx/CVE-2020-6511.json index caf7d8c23b7..ea10bbf741d 100644 --- a/2020/6xxx/CVE-2020-6511.json +++ b/2020/6xxx/CVE-2020-6511.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6511", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Side-channel information leakage" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1074317" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6512.json b/2020/6xxx/CVE-2020-6512.json index b2815d8a230..360711f2596 100644 --- a/2020/6xxx/CVE-2020-6512.json +++ b/2020/6xxx/CVE-2020-6512.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6512", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Type Confusion" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1084820" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6513.json b/2020/6xxx/CVE-2020-6513.json index 77042faef83..8b3c1894046 100644 --- a/2020/6xxx/CVE-2020-6513.json +++ b/2020/6xxx/CVE-2020-6513.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6513", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1091404" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file." } ] } diff --git a/2020/6xxx/CVE-2020-6514.json b/2020/6xxx/CVE-2020-6514.json index d1d19f70ff4..950c65b5db9 100644 --- a/2020/6xxx/CVE-2020-6514.json +++ b/2020/6xxx/CVE-2020-6514.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6514", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1076703" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream." } ] } diff --git a/2020/6xxx/CVE-2020-6515.json b/2020/6xxx/CVE-2020-6515.json index 35081811795..ccba7174b86 100644 --- a/2020/6xxx/CVE-2020-6515.json +++ b/2020/6xxx/CVE-2020-6515.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6515", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1082755" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6516.json b/2020/6xxx/CVE-2020-6516.json index fa78cd7d798..d61669d5367 100644 --- a/2020/6xxx/CVE-2020-6516.json +++ b/2020/6xxx/CVE-2020-6516.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6516", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Policy bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1092449" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6517.json b/2020/6xxx/CVE-2020-6517.json index b0a13a36b22..3ac2aa3c12d 100644 --- a/2020/6xxx/CVE-2020-6517.json +++ b/2020/6xxx/CVE-2020-6517.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6517", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1095560" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6518.json b/2020/6xxx/CVE-2020-6518.json index ae24756333d..55ca38eacac 100644 --- a/2020/6xxx/CVE-2020-6518.json +++ b/2020/6xxx/CVE-2020-6518.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6518", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/986051" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6519.json b/2020/6xxx/CVE-2020-6519.json index a7e1066433f..ff8a3c34527 100644 --- a/2020/6xxx/CVE-2020-6519.json +++ b/2020/6xxx/CVE-2020-6519.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6519", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Policy bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1064676" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6520.json b/2020/6xxx/CVE-2020-6520.json index 173bb55bee5..460f24b33f1 100644 --- a/2020/6xxx/CVE-2020-6520.json +++ b/2020/6xxx/CVE-2020-6520.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6520", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1092274" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6521.json b/2020/6xxx/CVE-2020-6521.json index 77dc5e67d6d..b7285eafcef 100644 --- a/2020/6xxx/CVE-2020-6521.json +++ b/2020/6xxx/CVE-2020-6521.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6521", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Side-channel information leakage" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1075734" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6522.json b/2020/6xxx/CVE-2020-6522.json index f06aca86035..a2f39cf892c 100644 --- a/2020/6xxx/CVE-2020-6522.json +++ b/2020/6xxx/CVE-2020-6522.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6522", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1052093" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6523.json b/2020/6xxx/CVE-2020-6523.json index 3efcaf6277f..3cfa0e0d7ef 100644 --- a/2020/6xxx/CVE-2020-6523.json +++ b/2020/6xxx/CVE-2020-6523.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6523", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out of bounds write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1080481" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6524.json b/2020/6xxx/CVE-2020-6524.json index a298f7068ff..287e6f0f8de 100644 --- a/2020/6xxx/CVE-2020-6524.json +++ b/2020/6xxx/CVE-2020-6524.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6524", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1081722" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6525.json b/2020/6xxx/CVE-2020-6525.json index f8e2b36246b..c11ccebd6c6 100644 --- a/2020/6xxx/CVE-2020-6525.json +++ b/2020/6xxx/CVE-2020-6525.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6525", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1091670" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6526.json b/2020/6xxx/CVE-2020-6526.json index 19e170121a9..176fa580c96 100644 --- a/2020/6xxx/CVE-2020-6526.json +++ b/2020/6xxx/CVE-2020-6526.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6526", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1074340" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6527.json b/2020/6xxx/CVE-2020-6527.json index a3cafc2b545..9bd53b4b9e2 100644 --- a/2020/6xxx/CVE-2020-6527.json +++ b/2020/6xxx/CVE-2020-6527.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6527", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient policy enforcement" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/992698" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6528.json b/2020/6xxx/CVE-2020-6528.json index 637be1279d1..4aa9471baa4 100644 --- a/2020/6xxx/CVE-2020-6528.json +++ b/2020/6xxx/CVE-2020-6528.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6528", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect security UI" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1063690" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6529.json b/2020/6xxx/CVE-2020-6529.json index 6631a335ac3..1ee7678f6de 100644 --- a/2020/6xxx/CVE-2020-6529.json +++ b/2020/6xxx/CVE-2020-6529.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6529", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/978779" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6530.json b/2020/6xxx/CVE-2020-6530.json index cbc8a8c9257..eedd7f54602 100644 --- a/2020/6xxx/CVE-2020-6530.json +++ b/2020/6xxx/CVE-2020-6530.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6530", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out of bounds memory access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1016278" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension." } ] } diff --git a/2020/6xxx/CVE-2020-6531.json b/2020/6xxx/CVE-2020-6531.json index a41044bdc3a..0d9b93969ad 100644 --- a/2020/6xxx/CVE-2020-6531.json +++ b/2020/6xxx/CVE-2020-6531.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6531", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Side-channel information leakage" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1042986" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6533.json b/2020/6xxx/CVE-2020-6533.json index 261ed47d357..54691db1e11 100644 --- a/2020/6xxx/CVE-2020-6533.json +++ b/2020/6xxx/CVE-2020-6533.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6533", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Type Confusion" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1069964" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6534.json b/2020/6xxx/CVE-2020-6534.json index 22be68a54e0..e9f68c5ca54 100644 --- a/2020/6xxx/CVE-2020-6534.json +++ b/2020/6xxx/CVE-2020-6534.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6534", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1072412" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6535.json b/2020/6xxx/CVE-2020-6535.json index 5fa4bdea9e9..ff55279658d 100644 --- a/2020/6xxx/CVE-2020-6535.json +++ b/2020/6xxx/CVE-2020-6535.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6535", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient data validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1073409" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page." } ] } diff --git a/2020/6xxx/CVE-2020-6536.json b/2020/6xxx/CVE-2020-6536.json index 72a7a72caf2..ae6bafa3588 100644 --- a/2020/6xxx/CVE-2020-6536.json +++ b/2020/6xxx/CVE-2020-6536.json @@ -4,14 +4,59 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6536", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "chrome-cve-admin@google.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Google", + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_value": "84.0.4147.89", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect security UI" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://crbug.com/1080934" + }, + { + "url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA." } ] }