CVE-2020-6432 – chromium-browser: Insufficient policy enforcement in navigations
https://notcve.org/view.php?id=CVE-2020-6432
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una aplicación insuficiente de la política en navigations en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html https://crbug.com/965611 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD https://lists.fedora •
CVE-2020-6423 – chromium-browser: Use after free in audio
https://notcve.org/view.php?id=CVE-2020-6423
Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en audio en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html https://crbug.com/1043446 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD https://lists.fedor • CWE-416: Use After Free •
CVE-2020-6430 – chromium-browser: Type Confusion in V8
https://notcve.org/view.php?id=CVE-2020-6430
Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una Confusión de Tipos en V8 en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html https://crbug.com/1031479 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD https://lists.fedor • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2020-6451 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6451
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html https://crbug.com/1061018 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN https://access.red • CWE-416: Use After Free •
CVE-2020-6450 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6450
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html https://crbug.com/1062247 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN https://access.red • CWE-416: Use After Free •