CVE-2020-16013

MEDIUM

Description

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

References

https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html

https://crbug.com/1147206

Details

Source: MITRE

Published: 2021-01-08

Updated: 2021-01-11

Type: CWE-787

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
144672Debian DSA-4824-1 : chromium - security updateNessusDebian Local Security Checks
high
143498openSUSE Security Update : opera (openSUSE-2020-2178)NessusSuSE Local Security Checks
medium
143227Fedora 32 : chromium (2020-3e005ce2e0)NessusFedora Local Security Checks
medium
143164RHEL 6 : chromium-browser (RHSA-2020:5165)NessusRed Hat Local Security Checks
medium
143140Fedora 33 : chromium (2020-2d0c0ee838)NessusFedora Local Security Checks
medium
142941openSUSE Security Update : chromium (openSUSE-2020-1929)NessusSuSE Local Security Checks
medium
142933GLSA-202011-16 : Chromium, Google Chrome: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
142901Microsoft Edge (Chromium) < 86.0.622.69 Multiple VulnerabilitiesNessusWindows
medium
701292Google Chrome < 86.0.4240.198 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
142719Google Chrome < 86.0.4240.198 Multiple VulnerabilitiesNessusWindows
medium
142718Google Chrome < 86.0.4240.198 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
medium