Lucene search

K

Veracode Vulnerability DatabaseVERACODE:28768

HistoryDec 21, 2020 - 8:37 p.m.

Information Disclosure

2020-12-2120:37:48

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

chromium

vulnerability

information disclosure

data validation

dialogs

remote attacker

sensitive information

html page

software

EPSS

0.005

Percentile

75.9%

chromium is vulnerable to information disclosure. The vulnerability exists through insufficient data validation in dialogs that allows a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.

References

lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html

chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html

crbug.com/1097724

lists.fedoraproject.org/archives/list/[email protected]/message/24QFL4C3AZKMFVL7LVSYMU2DNE5VVUGS/

lists.fedoraproject.org/archives/list/[email protected]/message/4GWCWNHTTYOH6HSFUXPGPBB6J6JYZHZE/

lists.fedoraproject.org/archives/list/[email protected]/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/

security-tracker.debian.org/tracker/CVE-2020-15977

security.gentoo.org/glsa/202101-30

www.debian.org/security/2021/dsa-4824

EPSS

0.005

Percentile

75.9%

Related for VERACODE:28768

cve1 cvelist1 nvd1 ubuntucve1 redhatcve1 debiancve1 prion1 nessus12 openvas7 kaspersky1 freebsd1 redhat1 gentoo2 suse3 chrome1 archlinux1 fedora3 debian1 osv3 mscve1