CVE-2020-15994Use After Free in Google Chrome

CWE-416Use After Free5 documents5 sources
Severity
8.8HIGHNVD
EPSS
5.0%
top 10.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Google ChromeDebian ChromiumGoogle Chrome Chrome
Timeline
PublishedNov 3
Latest updateMay 24

Description

Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

CVEListV5google/chromeunspecified86.0.4240.99
NVDgoogle/chrome< 86.0.4240.99

🔴Vulnerability Details

2
GHSA
GHSA-9pg9-hg9f-fw5m: Use after free in V8 in Google Chrome prior to 862022-05-24
VulnCheck
Google Chrome Use After Free2020

📋Vendor Advisories

2
Chrome
Chrome for Android Update: CVE-2020-159932020-10-13
Debian
CVE-2020-15994: chromium - Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote att...2020