cbcvebase.
CVE-2020-6428
published 2020-03-23

CVE-2020-6428: Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Affected

16 ranges
VendorProductVersion rangeFixed in
chromiumchromium>= 0 < 80.0.3987.149-180.0.3987.149-1
chromiumchromium>= 0 < 80.0.3987.149-180.0.3987.149-1
chromiumchromium>= 0 < 80.0.3987.149-180.0.3987.149-1
chromiumchromium>= 0 < 80.0.3987.149-180.0.3987.149-1
debianchromium< chromium 80.0.3987.149-1 (bookworm)chromium 80.0.3987.149-1 (bookworm)
debiandebian_linux
debiandebian_linux
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora
googlechrome< 80.0.3987.14980.0.3987.149
googlechrome>= unspecified < 80.0.3987.14980.0.3987.149
googlechrome_chrome
opensusebackports_sle
susesuse_linux_enterprise_desktop
susesuse_linux_enterprise_server

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH