CVE-2020-15959

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-15959

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15959.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-15959

Related

Published

2020-09-21T20:15:12Z

Modified

2024-09-11T02:00:06Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.

References

Affected packages

Debian:11 / chromium

Package

Name: chromium
Purl: pkg:deb/debian/chromium?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

87.0.4280.88-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / chromium

Package

Name: chromium
Purl: pkg:deb/debian/chromium?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

87.0.4280.88-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / chromium

Package

Name: chromium
Purl: pkg:deb/debian/chromium?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

87.0.4280.88-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}