CVE-2020-6561 — Improperly Implemented Security Check for Standard in Google Chrome
Severity
6.5MEDIUMNVD
EPSS
1.0%
top 23.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 21
Latest updateMay 24
Description
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages5 packages
Also affects: Debian Linux 10.0, Fedora 33
🔴Vulnerability Details
3GHSA▶
GHSA-fch3-5vmv-jh77: Inappropriate implementation in Content Security Policy in Google Chrome prior to 85↗2022-05-24
OSV▶
CVE-2020-6561: Inappropriate implementation in Content Security Policy in Google Chrome prior to 85↗2020-09-21
CVEList▶
CVE-2020-6561: Inappropriate implementation in Content Security Policy in Google Chrome prior to 85↗2020-09-21
📋Vendor Advisories
3💬Community
3Bugzilla
▶
Bugzilla▶
CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567 CVE-2020-6568 CVE-2020-6569 CVE-2020-6570 CVE-2020-6571 chromium: various ↗2020-08-27
Bugzilla▶
CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567 CVE-2020-6568 CVE-2020-6569 CVE-2020-6570 CVE-2020-6571 chromium: various ↗2020-08-27