vulnerability

FreeBSD: VID-01FFD06A-36ED-11EB-B655-3065EC8FD3EC (CVE-2020-16042): chromium -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Dec 2, 2020	Dec 6, 2020	Jan 14, 2021

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Dec 2, 2020

Added

Dec 6, 2020

Modified

Jan 14, 2021

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From VID-01FFD06A-36ED-11EB-B655-3065EC8FD3EC:

Chrome Releases reports:

This release contains 8 security fixes, including:

[1142331] High CVE-2020-16037: Use after free in clipboard.

Reported by Ryoya Tsukasaki on 2020-10-26

[1138683] High CVE-2020-16038: Use after free in media.

Reported by Khalil Zhani on 2020-10-14

[1149177] High CVE-2020-16039: Use after free in extensions.

Reported by Anonymous on 2020-11-15

[1150649] High CVE-2020-16040: Insufficient data validation in

V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability

Research on 2020-11-19

[1151865] Medium CVE-2020-16041: Out of bounds read in

networking. Reported by Sergei Glazunov and Mark Brand of Google

Project Zero on 2020-11-23

[1151890] Medium CVE-2020-16042: Uninitialized Use in V8.

Reported by André Bargull on 2020-11-2

Solution

freebsd-upgrade-package-chromium

References

NVD-CVE-2020-16042

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today