6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.466 Medium
EPSS
Percentile
97.5%
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 81.0.4044.92.
Security Fix(es):
chromium-browser: Use after free in audio (CVE-2020-6423)
chromium-browser: Use after free in extensions (CVE-2020-6454)
chromium-browser: Out of bounds read in WebSQL (CVE-2020-6455)
chromium-browser: Type Confusion in V8 (CVE-2020-6430)
chromium-browser: Insufficient policy enforcement in full screen (CVE-2020-6431)
chromium-browser: Insufficient policy enforcement in navigations (CVE-2020-6432)
chromium-browser: Insufficient policy enforcement in extensions (CVE-2020-6433)
chromium-browser: Use after free in devtools (CVE-2020-6434)
chromium-browser: Insufficient policy enforcement in extensions (CVE-2020-6435)
chromium-browser: Use after free in window management (CVE-2020-6436)
chromium-browser: Insufficient validation of untrusted input in clipboard (CVE-2020-6456)
chromium-browser: Inappropriate implementation in WebView (CVE-2020-6437)
chromium-browser: Insufficient policy enforcement in extensions (CVE-2020-6438)
chromium-browser: Insufficient policy enforcement in navigations (CVE-2020-6439)
chromium-browser: Inappropriate implementation in extensions (CVE-2020-6440)
chromium-browser: Insufficient policy enforcement in omnibox (CVE-2020-6441)
chromium-browser: Inappropriate implementation in cache (CVE-2020-6442)
chromium-browser: Insufficient data validation in developer tools (CVE-2020-6443)
chromium-browser: Uninitialized use in WebRTC (CVE-2020-6444)
chromium-browser: Insufficient policy enforcement in trusted types (CVE-2020-6445)
chromium-browser: Insufficient policy enforcement in trusted types (CVE-2020-6446)
chromium-browser: Inappropriate implementation in developer tools (CVE-2020-6447)
chromium-browser: Use after free in V8 (CVE-2020-6448)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | chromium-browser | < 81.0.4044.92-2.el6_10 | chromium-browser-81.0.4044.92-2.el6_10.x86_64.rpm |
RedHat | 6 | i686 | chromium-browser | < 81.0.4044.92-2.el6_10 | chromium-browser-81.0.4044.92-2.el6_10.i686.rpm |
RedHat | 6 | i686 | chromium-browser-debuginfo | < 81.0.4044.92-2.el6_10 | chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm |
RedHat | 6 | x86_64 | chromium-browser-debuginfo | < 81.0.4044.92-2.el6_10 | chromium-browser-debuginfo-81.0.4044.92-2.el6_10.x86_64.rpm |
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.466 Medium
EPSS
Percentile
97.5%