Several vulnerabilities have been discovered in the chromium web browser. CVE-2020-6423 A use-after-free issue was found in the audio implementation. CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 javascript library. CVE-2020-6431 Luan Herrera discovered a policy enforcement error. CVE-2020-6432 Luan Herrera discovered a policy enforcement error. CVE-2020-6433 Luan Herrera discovered a policy enforcement error in extensions. CVE-2020-6434 HyungSeok Han discovered a use-after-free issue in the developer tools. CVE-2020-6435 Sergei Glazunov discovered a policy enforcement error in extensions. CVE-2020-6436 Igor Bukanov discovered a use-after-free issue. CVE-2020-6437 Jann Horn discovered an implementation error in WebView. CVE-2020-6438 Ng Yik Phang discovered a policy enforcement error in extensions. CVE-2020-6439 remkoboonstra discovered a policy enforcement error. CVE-2020-6440 David Erceg discovered an implementation error in extensions. CVE-2020-6441 David Erceg discovered a policy enforcement error. CVE-2020-6442 B@rMey discovered an implementation error in the page cache. CVE-2020-6443 @lovasoa discovered an implementation error in the developer tools. CVE-2020-6444 mlfbrown discovered an uninitialized variable in the WebRTC implementation. CVE-2020-6445 Jun Kokatsu discovered a policy enforcement error. CVE-2020-6446 Jun Kokatsu discovered a policy enforcement error. CVE-2020-6447 David Erceg discovered an implementation error in the developer tools. CVE-2020-6448 Guang Gong discovered a use-after-free issue in the v8 javascript library. CVE-2020-6454 Leecraso and Guang Gong discovered a use-after-free issue in extensions. CVE-2020-6455 Nan Wang and Guang Gong discovered an out-of-bounds read issue in the WebSQL implementation. CVE-2020-6456 Michał Bentkowski discovered insufficient validation of untrusted input. CVE-2020-6457 Leecraso and Guang Gong discovered a use-after-free issue in the speech recognizer. CVE-2020-6458 Aleksandar Nikolic discoved an out-of-bounds read and write issue in the pdfium library. CVE-2020-6459 Zhe Jin discovered a use-after-free issue in the payments implementation. CVE-2020-6460 It was discovered that URL formatting was insufficiently validated. CVE-2020-6461 Zhe Jin discovered a use-after-free issue. CVE-2020-6462 Zhe Jin discovered a use-after-free issue in task scheduling. CVE-2020-6463 Pawel Wylecial discovered a use-after-free issue in the ANGLE library. CVE-2020-6464 Looben Yang discovered a type confusion issue in Blink/Webkit. CVE-2020-6465 Woojin Oh discovered a use-after-free issue. CVE-2020-6466 Zhe Jin discovered a use-after-free issue. CVE-2020-6467 ZhanJia Song discovered a use-after-free issue in the WebRTC implementation. CVE-2020-6468 Chris Salls and Jake Corina discovered a type confusion issue in the v8 javascript library. CVE-2020-6469 David Erceg discovered a policy enforcement error in the developer tools. CVE-2020-6470 Michał Bentkowski discovered insufficient validation of untrusted input. CVE-2020-6471 David Erceg discovered a policy enforcement error in the developer tools. CVE-2020-6472 David Erceg discovered a policy enforcement error in the developer tools. CVE-2020-6473 Soroush Karami and Panagiotis Ilia discovered a policy enforcement error in Blink/Webkit. CVE-2020-6474 Zhe Jin discovered a use-after-free issue in Blink/Webkit. CVE-2020-6475 Khalil Zhani discovered a user interface error. CVE-2020-6476 Alexandre Le Borgne discovered a policy enforcement error. CVE-2020-6478 Khalil Zhani discovered an implementation error in full screen mode. CVE-2020-6479 Zhong Zhaochen discovered an implementation error. CVE-2020-6480 Marvin Witt discovered a policy enforcement error. CVE-2020-6481 Rayyan Bijoora discovered a policy enforcement error. CVE-2020-6482 Abdulrahman Alqabandi discovered a policy enforcement error in the developer tools. CVE-2020-6483 Jun Kokatsu discovered a policy enforcement error in payments. CVE-2020-6484 Artem Zinenko discovered insufficient validation of user data in the ChromeDriver implementation. CVE-2020-6485 Sergei Glazunov discovered a policy enforcement error. CVE-2020-6486 David Erceg discovered a policy enforcement error. CVE-2020-6487 Jun Kokatsu discovered a policy enforcement error. CVE-2020-6488 David Erceg discovered a policy enforcement error. CVE-2020-6489 @lovasoa discovered an implementation error in the developer tools. CVE-2020-6490 Insufficient validation of untrusted data was discovered. CVE-2020-6491 Sultan Haikal discovered a user interface error. CVE-2020-6493 A use-after-free issue was discovered in the WebAuthentication implementation. CVE-2020-6494 Juho Nurimen discovered a user interface error. CVE-2020-6495 David Erceg discovered a policy enforcement error in the developer tools. CVE-2020-6496 Khalil Zhani discovered a use-after-free issue in payments. CVE-2020-6497 Rayyan Bijoora discovered a policy enforcement issue. CVE-2020-6498 Rayyan Bijoora discovered a user interface error. CVE-2020-6505 Khalil Zhani discovered a use-after-free issue. CVE-2020-6506 Alesandro Ortiz discovered a policy enforcement error. CVE-2020-6507 Sergei Glazunov discovered an out-of-bounds write issue in the v8 javascript library. CVE-2020-6509 A use-after-free issue was discovered in extensions. CVE-2020-6831 Natalie Silvanovich discovered a buffer overflow issue in the SCTP library. For the oldstable distribution (stretch), security support for chromium has been discontinued. For the stable distribution (buster), these problems have been fixed in version 83.0.4103.116-1~deb10u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium
Several vulnerabilities have been discovered in the chromium web browser.
A use-after-free issue was found in the audio implementation.
Avihay Cohen discovered a type confusion issue in the v8 javascript library.
Luan Herrera discovered a policy enforcement error.
Luan Herrera discovered a policy enforcement error.
Luan Herrera discovered a policy enforcement error in extensions.
HyungSeok Han discovered a use-after-free issue in the developer tools.
Sergei Glazunov discovered a policy enforcement error in extensions.
Igor Bukanov discovered a use-after-free issue.
Jann Horn discovered an implementation error in WebView.
Ng Yik Phang discovered a policy enforcement error in extensions.
remkoboonstra discovered a policy enforcement error.
David Erceg discovered an implementation error in extensions.
David Erceg discovered a policy enforcement error.
B@rMey discovered an implementation error in the page cache.
@lovasoa discovered an implementation error in the developer tools.
mlfbrown discovered an uninitialized variable in the WebRTC implementation.
Jun Kokatsu discovered a policy enforcement error.
Jun Kokatsu discovered a policy enforcement error.
David Erceg discovered an implementation error in the developer tools.
Guang Gong discovered a use-after-free issue in the v8 javascript library.
Leecraso and Guang Gong discovered a use-after-free issue in extensions.
Nan Wang and Guang Gong discovered an out-of-bounds read issue in the WebSQL implementation.
Michał Bentkowski discovered insufficient validation of untrusted input.
Leecraso and Guang Gong discovered a use-after-free issue in the speech recognizer.
Aleksandar Nikolic discoved an out-of-bounds read and write issue in the pdfium library.
Zhe Jin discovered a use-after-free issue in the payments implementation.
It was discovered that URL formatting was insufficiently validated.
Zhe Jin discovered a use-after-free issue.
Zhe Jin discovered a use-after-free issue in task scheduling.
Pawel Wylecial discovered a use-after-free issue in the ANGLE library.
Looben Yang discovered a type confusion issue in Blink/Webkit.
Woojin Oh discovered a use-after-free issue.
Zhe Jin discovered a use-after-free issue.
ZhanJia Song discovered a use-after-free issue in the WebRTC implementation.
Chris Salls and Jake Corina discovered a type confusion issue in the v8 javascript library.
David Erceg discovered a policy enforcement error in the developer tools.
Michał Bentkowski discovered insufficient validation of untrusted input.
David Erceg discovered a policy enforcement error in the developer tools.
David Erceg discovered a policy enforcement error in the developer tools.
Soroush Karami and Panagiotis Ilia discovered a policy enforcement error in Blink/Webkit.
Zhe Jin discovered a use-after-free issue in Blink/Webkit.
Khalil Zhani discovered a user interface error.
Alexandre Le Borgne discovered a policy enforcement error.
Khalil Zhani discovered an implementation error in full screen mode.
Zhong Zhaochen discovered an implementation error.
Marvin Witt discovered a policy enforcement error.
Rayyan Bijoora discovered a policy enforcement error.
Abdulrahman Alqabandi discovered a policy enforcement error in the developer tools.
Jun Kokatsu discovered a policy enforcement error in payments.
Artem Zinenko discovered insufficient validation of user data in the ChromeDriver implementation.
Sergei Glazunov discovered a policy enforcement error.
David Erceg discovered a policy enforcement error.
Jun Kokatsu discovered a policy enforcement error.
David Erceg discovered a policy enforcement error.
@lovasoa discovered an implementation error in the developer tools.
Insufficient validation of untrusted data was discovered.
Sultan Haikal discovered a user interface error.
A use-after-free issue was discovered in the WebAuthentication implementation.
Juho Nurimen discovered a user interface error.
David Erceg discovered a policy enforcement error in the developer tools.
Khalil Zhani discovered a use-after-free issue in payments.
Rayyan Bijoora discovered a policy enforcement issue.
Rayyan Bijoora discovered a user interface error.
Khalil Zhani discovered a use-after-free issue.
Alesandro Ortiz discovered a policy enforcement error.
Sergei Glazunov discovered an out-of-bounds write issue in the v8 javascript library.
A use-after-free issue was discovered in extensions.
Natalie Silvanovich discovered a buffer overflow issue in the SCTP library.
For the oldstable distribution (stretch), security support for chromium has been discontinued.
For the stable distribution (buster), these problems have been fixed in version 83.0.4103.116-1~deb10u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium
Vulmon