Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-16042

Опубликовано: 02 дек. 2020
Источник: redhat
CVSS3: 6.5

Описание

Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5thunderbirdOut of support scope
Red Hat Enterprise Linux 6firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdOut of support scope
Red Hat Enterprise Linux 7firefoxFixedRHSA-2020:556116.12.2020
Red Hat Enterprise Linux 7thunderbirdFixedRHSA-2020:561817.12.2020
Red Hat Enterprise Linux 8firefoxFixedRHSA-2020:556216.12.2020
Red Hat Enterprise Linux 8thunderbirdFixedRHSA-2020:562417.12.2020
Red Hat Enterprise Linux 8.0 Update Services for SAP SolutionsfirefoxFixedRHSA-2020:556516.12.2020
Red Hat Enterprise Linux 8.0 Update Services for SAP SolutionsthunderbirdFixedRHSA-2020:564521.12.2020
Red Hat Enterprise Linux 8.1 Extended Update SupportfirefoxFixedRHSA-2020:556416.12.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=1904515chromium-browser: Uninitialized Use in V8

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-16042

CVSS3: 6.5
ubuntu
около 5 лет назад

Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

nvd логотип

CVE-2020-16042

CVSS3: 6.5
nvd
около 5 лет назад

Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

debian логотип

CVE-2020-16042

CVSS3: 6.5
debian
около 5 лет назад

Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed ...

github логотип

GHSA-jcqg-j4q8-3vwg

github
больше 3 лет назад

Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

fstec логотип

BDU:2021-01188

CVSS3: 7.5
fstec
около 5 лет назад

Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

6.5 Medium

CVSS3