admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Chrome 83 and 84 CVEs.

Browse Source
This commit is contained in:
Adrian Taylor 2020-07-22 09:10:53 -07:00
parent fe0674694f
commit 9d980aef09
No known key found for this signature in database
GPG Key ID: 7C68C8AF6B042644
30 changed files with 1440 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
2020/6xxx/CVE-2020-6505.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6505", "ID": "CVE-2020-6505",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "83.0.4103.106",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1081350"
},
{
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6506.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6506", "ID": "CVE-2020-6506",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "83.0.4103.106",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1083819"
},
{
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6507.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6507", "ID": "CVE-2020-6507",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "83.0.4103.106",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1086890"
},
{
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6509.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6509", "ID": "CVE-2020-6509",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "83.0.4103.116",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1092308"
},
{
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_22.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6510.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6510", "ID": "CVE-2020-6510",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1103195"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6511.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6511", "ID": "CVE-2020-6511",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Side-channel information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1074317"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6512.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6512", "ID": "CVE-2020-6512",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1084820"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6513.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6513", "ID": "CVE-2020-6513",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1091404"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6514.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6514", "ID": "CVE-2020-6514",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1076703"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6515.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6515", "ID": "CVE-2020-6515",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1082755"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6516.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6516", "ID": "CVE-2020-6516",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Policy bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1092449"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6517.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6517", "ID": "CVE-2020-6517",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1095560"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6518.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6518", "ID": "CVE-2020-6518",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/986051"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6519.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6519", "ID": "CVE-2020-6519",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Policy bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1064676"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6520.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6520", "ID": "CVE-2020-6520",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1092274"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6521.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6521", "ID": "CVE-2020-6521",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Side-channel information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1075734"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6522.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6522", "ID": "CVE-2020-6522",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1052093"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6523.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6523", "ID": "CVE-2020-6523",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1080481"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6524.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6524", "ID": "CVE-2020-6524",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1081722"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6525.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6525", "ID": "CVE-2020-6525",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1091670"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6526.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6526", "ID": "CVE-2020-6526",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1074340"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6527.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6527", "ID": "CVE-2020-6527",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/992698"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6528.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6528", "ID": "CVE-2020-6528",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect security UI"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1063690"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6529.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6529", "ID": "CVE-2020-6529",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/978779"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6530.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6530", "ID": "CVE-2020-6530",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1016278"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6531.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6531", "ID": "CVE-2020-6531",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Side-channel information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1042986"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6533.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6533", "ID": "CVE-2020-6533",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1069964"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6534.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6534", "ID": "CVE-2020-6534",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1072412"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6535.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6535", "ID": "CVE-2020-6535",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1073409"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page."
} }
] ]
} }

51
2020/6xxx/CVE-2020-6536.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6536", "ID": "CVE-2020-6536",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "84.0.4147.89",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect security UI"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1080934"
},
{
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA."
} }
] ]
} }