Executive Summary

Summary
Titlechromium security update
Informations
NameDSA-4638First vendor Publication2020-03-10
VendorDebianLast vendor Modification2020-03-10
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreN/AAttack RangeN/A
Cvss Impact ScoreN/AAttack ComplexityN/A
Cvss Expoit ScoreN/AAuthenticationN/A
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-19880

Richard Lorenz discovered an issue in the sqlite library.

CVE-2019-19923

Richard Lorenz discovered an out-of-bounds read issue in the sqlite library.

CVE-2019-19925

Richard Lorenz discovered an issue in the sqlite library.

CVE-2019-19926

Richard Lorenz discovered an implementation error in the sqlite library.

CVE-2020-6381

UK's National Cyber Security Centre discovered an integer overflow issue in the v8 javascript library.

CVE-2020-6382

Soyeon Park and Wen Xu discovered a type error in the v8 javascript library.

CVE-2020-6383

Sergei Glazunov discovered a type error in the v8 javascript library.

CVE-2020-6384

David Manoucheri discovered a use-after-free issue in WebAudio.

CVE-2020-6385

Sergei Glazunov discovered a policy enforcement error.

CVE-2020-6386

Zhe Jin discovered a use-after-free issue in speech processing.

CVE-2020-6387

Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation.

CVE-2020-6388

Sergei Glazunov discovered an out-of-bounds read error in the WebRTC implementation.

CVE-2020-6389

Natalie Silvanovich discovered an out-of-bounds write error in the WebRTC implementation.

CVE-2020-6390

Sergei Glazunov discovered an out-of-bounds read error.

CVE-2020-6391

Michał Bentkowski discoverd that untrusted input was insufficiently validated.

CVE-2020-6392

The Microsoft Edge Team discovered a policy enforcement error.

CVE-2020-6393

Mark Amery discovered a policy enforcement error.

CVE-2020-6394

Phil Freo discovered a policy enforcement error.

CVE-2020-6395

Pierre Langlois discovered an out-of-bounds read error in the v8 javascript library.

CVE-2020-6396

William Luc Ritchie discovered an error in the skia library.

CVE-2020-6397

Khalil Zhani discovered a user interface error.

CVE-2020-6398

pdknsk discovered an uninitialized variable in the pdfium library.

CVE-2020-6399

Luan Herrera discovered a policy enforcement error.

CVE-2020-6400

Takashi Yoneuchi discovered an error in Cross-Origin Resource Sharing.

CVE-2020-6401

Tzachy Horesh discovered that user input was insufficiently validated.

CVE-2020-6402

Vladimir Metnew discovered a policy enforcement error.

CVE-2020-6403

Khalil Zhani discovered a user interface error.

CVE-2020-6404

kanchi discovered an error in Blink/Webkit.

CVE-2020-6405

Yongheng Chen and Rui Zhong discovered an out-of-bounds read issue in the sqlite library.

CVE-2020-6406

Sergei Glazunov discovered a use-after-free issue.

CVE-2020-6407

Sergei Glazunov discovered an out-of-bounds read error.

CVE-2020-6408

Zhong Zhaochen discovered a policy enforcement error in Cross-Origin Resource Sharing.

CVE-2020-6409

Divagar S and Bharathi V discovered an error in the omnibox implementation.

CVE-2020-6410

evil1m0 discovered a policy enforcement error.

CVE-2020-6411

Khalil Zhani discovered that user input was insufficiently validated.

CVE-2020-6412

Zihan Zheng discovered that user input was insufficiently validated.

CVE-2020-6413

Michał Bentkowski discovered an error in Blink/Webkit.

CVE-2020-6414

Lijo A.T discovered a policy safe browsing policy enforcement error.

CVE-2020-6415

Avihay Cohen discovered an implementation error in the v8 javascript library.

CVE-2020-6416

Woojin Oh discovered that untrusted input was insufficiently validated.

CVE-2020-6418

Clement Lecigne discovered a type error in the v8 javascript library.

CVE-2020-6420

Taras Uzdenov discovered a policy enforcement error.

For the oldstable distribution (stretch), security support for chromium has been discontinued.

For the stable distribution (buster), these problems have been fixed in version 80.0.3987.132-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Original Source

Url : http://www.debian.org/security/2020/dsa-4638

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2020-03-11 05:19:01
  • First insertion