Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-vv9m-mjhj-9cqc

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 4.3

Описание

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

Ссылки

EPSS

Процентиль: 71%
0.00695
Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2020-6438

Дефекты

CWE-200
CWE-209

Связанные уязвимости

ubuntu логотип

CVE-2020-6438

CVSS3: 4.3
ubuntu
почти 6 лет назад

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

redhat логотип

CVE-2020-6438

CVSS3: 4.3
redhat
почти 6 лет назад

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

nvd логотип

CVE-2020-6438

CVSS3: 4.3
nvd
почти 6 лет назад

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

debian логотип

CVE-2020-6438

CVSS3: 4.3
debian
почти 6 лет назад

Insufficient policy enforcement in extensions in Google Chrome prior t ...

fstec логотип

BDU:2020-03718

CVSS3: 4.3
fstec
почти 6 лет назад

Уязвимость расширений браузера Google Chrome, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 71%
0.00695
Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2020-6438

Дефекты

CWE-200
CWE-209