Lucene search

ChromeCVE-2020-15981

HistoryNov 03, 2020 - 3:15 a.m.

CVE-2020-15981

2020-11-0303:15:13

CWE-125

Chrome

web.nvd.nist.gov

153

cve-2020-15981

out of bounds read

google chrome

remote attacker

process memory

crafted html page

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.007

Percentile

80.0%

JSON

Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Affected configurations

Nvd

Vulners

Node

googlechromeRange<86.0.4240.75

Node

fedoraprojectfedoraMatch31

fedoraprojectfedoraMatch32

fedoraprojectfedoraMatch33

Node

opensusebackports_sleMatch15.0sp2

Node

debiandebian_linuxMatch10.0

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "86.0.4240.75",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]