CVE-2020-6463

Опубликовано: 21 мая 2020

Источник: debian

EPSS Низкий

Описание

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium	fixed	83.0.4103.83-1		package
chromium	end-of-life		stretch	package
firefox	fixed	79.0-1		package
firefox-esr	fixed	68.11.0esr-1		package
thunderbird	fixed	1:68.11.0-1		package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-6463
https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-6463
https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-6463
https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-6463

EPSS

Процентиль: 88%

0.03747

Низкий

Связанные уязвимости

CVE-2020-6463

CVSS3: 8.8

ubuntu

больше 5 лет назад

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-6463

CVSS3: 8.8

redhat

почти 6 лет назад

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-6463

CVSS3: 8.8

nvd

больше 5 лет назад

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

GHSA-vmqg-547g-3f2r

CVSS3: 8.8

github

больше 3 лет назад

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

openSUSE-SU-2020:1205-1

suse-cvrf

больше 5 лет назад

Security update for MozillaThunderbird

EPSS

Процентиль: 88%

0.03747

Низкий