PT-2020-4259 · Google+2 · Google Chrome+2

Khalil Zhani

Published

2020-06-03

Updated

2024-06-15

CVE-2020-6496

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 83.0.4103.97

Description: The issue is related to a use after free in the payments component of Google Chrome, which could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This could impact the confidentiality, integrity, and availability of protected information.

Recommendations: For Google Chrome versions prior to 83.0.4103.97, update to version 83.0.4103.97 or later to resolve the issue.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2020-04723

CVE-2020-6496

DSA-4714-1

DSA-4714-2

DSA-4714-3

OPENSUSE-SU-2020:0823-1

OPENSUSE-SU-2020:0832-1

OPENSUSE-SU-2020_0823-1

OPENSUSE-SU-2024:10681-1

OPENSUSE-SU-2024:12948-1

RHSA-2020:2544

RHSA-2020_2544

Affected Products

Google Chrome

Red Hat

Suse

PT-2020-4259 · Google+2 · Google Chrome+2

CVE-2020-6496

Weakness Enumeration

Related Identifiers

Affected Products

References · 2340