cbcvebase.
CVE-2020-6444
published 2020-04-13

CVE-2020-6444: Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

medium6.3CVSS 3.1
AVNACLPRNUIRSUCLILAL
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Affected

15 ranges
VendorProductVersion rangeFixed in
chromiumchromium>= 0 < 81.0.4044.92-181.0.4044.92-1
chromiumchromium>= 0 < 81.0.4044.92-181.0.4044.92-1
chromiumchromium>= 0 < 81.0.4044.92-181.0.4044.92-1
chromiumchromium>= 0 < 81.0.4044.92-181.0.4044.92-1
debianchromium< chromium 81.0.4044.92-1 (bookworm)chromium 81.0.4044.92-1 (bookworm)
debiandebian_linux
debiandebian_linux
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora
googlechrome< 81.0.4044.9281.0.4044.92
googlechrome>= unspecified < 81.0.4044.9281.0.4044.92
googlechrome_chrome
opensusebackports_sle
opensuseleap

CVSS provenance

nvdv3.16.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
osv6.3MEDIUM