The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
Base Score: 6.8
Impact Score: 6.4
Exploitability Score: 8.6
Base Score: 8.8
Impact Score: 5.9
Exploitability Score: 2.8
|144672||Debian DSA-4824-1 : chromium - security update||Nessus||Debian Local Security Checks|
|143333||openSUSE Security Update : chromium (openSUSE-2020-2021)||Nessus||SuSE Local Security Checks|
|143303||openSUSE Security Update : chromium (openSUSE-2020-2032)||Nessus||SuSE Local Security Checks|
|143227||Fedora 32 : chromium (2020-3e005ce2e0)||Nessus||Fedora Local Security Checks|
|143176||Fedora 33 : chromium (2020-10ec8aca61)||Nessus||Fedora Local Security Checks|
|142971||Google Chrome < 87.0.4280.66 Multiple Vulnerabilities||Nessus||Windows|
|142970||Google Chrome < 87.0.4280.66 Multiple Vulnerabilities||Nessus||MacOS X Local Security Checks|