CVE-2020-16009

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cefsharp:cefsharp:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

07 Nov 2023, 03:18

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/', 'name': 'FEDORA-2020-4e8e48da22', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/', 'name': 'FEDORA-2020-3e005ce2e0', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/ -

06 Jun 2023, 13:59

Type Values Removed Values Added
CPE cpe:2.3:a:cefsharp:cefsharp:*:*:*:*:*:*:*:*
CWE CWE-843
First Time Cefsharp cefsharp
Cefsharp

07 Jan 2021, 14:11

Type Values Removed Values Added
CPE cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
References (MISC) https://crbug.com/1143772 - Third Party Advisory (MISC) https://crbug.com/1143772 - Permissions Required
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/ - Third Party Advisory
References (DEBIAN) https://www.debian.org/security/2021/dsa-4824 - (DEBIAN) https://www.debian.org/security/2021/dsa-4824 - Third Party Advisory
References (MISC) http://packetstormsecurity.com/files/159974/Chrome-V8-Turbofan-Type-Confusion.html - Third Party Advisory, VDB Entry (MISC) http://packetstormsecurity.com/files/159974/Chrome-V8-Turbofan-Type-Confusion.html - Exploit, Third Party Advisory, VDB Entry
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/ - Third Party Advisory

02 Jan 2021, 16:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2021/dsa-4824 -

Information

Published : 2020-11-03 03:15

Updated : 2023-12-10 13:41


NVD link : CVE-2020-16009

Mitre link : CVE-2020-16009

CVE.ORG link : CVE-2020-16009


JSON object : View

Products Affected

microsoft

  • edge
  • edge_chromium

opensuse

  • leap
  • backports_sle

debian

  • debian_linux

cefsharp

  • cefsharp

google

  • chrome

fedoraproject

  • fedora
CWE
CWE-787

Out-of-bounds Write

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')