PT-2020-6529 · Google+3 · Google Chrome+3

Published

2020-10-13

·

Updated

2024-06-15

·

CVE-2020-15970

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 86.0.4240.75
Description The issue is related to a use after free in NFC, which could allow a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This can be achieved via a crafted HTML page.
Recommendations For versions prior to 86.0.4240.75, update to version 86.0.4240.75 or later to resolve the issue.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2020-3035
ALT-PU-2020-3144
ALT-PU-2021-1157
ALT-PU-2021-1210
ALT-PU-2021-1379
BDU:2021-06062
CVE-2020-15970
DSA-4824-1
OPENSUSE-SU-2020:1705-1
OPENSUSE-SU-2020:1715-1
OPENSUSE-SU-2020:1829-1
OPENSUSE-SU-2020_1705-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:12948-1
RHSA-2020:4235
RHSA-2020_4235

Affected Products

Alt Linux
Google Chrome
Red Hat
Suse