CVE-2020-6440
10 documents8 sources
Severity
4.3MEDIUM
EPSS
0.7%
top 28.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 13
Latest updateMay 24
Description
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4
Affected Packages5 packages
Also affects: Debian Linux 10.0, 9.0, Fedora 30, 31, 32
🔴Vulnerability Details
3GHSA▶
GHSA-vc2r-f7w9-m9hp: Inappropriate implementation in extensions in Google Chrome prior to 81↗2022-05-24
CVEList
▶
OSV
▶
📋Vendor Advisories
3💬Community
3Bugzilla▶
CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436 CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440 CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 CVE-↗2020-04-09
Bugzilla▶
CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436 CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440 CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 CVE-↗2020-04-09