Debian Chromium vulnerabilities

2,176 known vulnerabilities affecting debian/chromium.

Total CVEs: 2,176
CISA KEV: 65 (actively exploited)
Public exploits: 14
Exploited in wild: 56
Severity breakdown: CRITICAL 102, HIGH 1256, MEDIUM 754, LOW 56, UNKNOWN 8

Vulnerabilities

Page 82 of 109
CVE-2020-6461 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1); bullseye: resolved (fixed in 83.0.4103.83-1); forky: resolved (fixed in 83.0.4103.83-1); sid: resolved (fixed i
debian
CVE-2020-6465 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1); bullseye: resolved (fixed in 83.0.4103.83-1); forky: resolved (fixed in 83.0.4103.83-1); sid: res
debian
CVE-2020-6466 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1); bullseye: resolved (fixed in 83.0.4103.83-1); forky: resolved (fixed in 83.0.4103.83-1); sid: resolved (fixed in 8
debian
CVE-2020-6831 | CRITICAL | CVSS 9.8 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1); bullseye: resolved (fixed in 83.0.4103.83-1); forky: resolved
debian
CVE-2020-6573 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in 87.0.4280.88-0.1); sid: re
debian
CVE-2020-6471 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1); bullseye: resolved (fixed in 83.0.4103.83-1); forky: resolved (fixed in
debian
CVE-2020-15963 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed i
debian
CVE-2020-6493 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.106-1 (bookworm) | 2020
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.106-1); bullseye: resolved (fixed in 83.0.4103.106-1); forky: resolved (fixed in 83.0.4103.106-1); sid: resol
debian
CVE-2020-16016 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in 87.0.4280.88-0.1); sid
debian
CVE-2020-6509 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.116-1 (bookworm) | 2020
Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Scope: local
bookworm: resolved (fixed in 83.0.4103.116-1); bullseye: resolved (fixed in 83.0.4103.116-1); forky: resolved (fixed in 83.0.4103.116-1); si
debian
CVE-2020-6505 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.106-1 (bookworm) | 2020
Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.106-1); bullseye: resolved (fixed in 83.0.4103.106-1); forky: resolved (fixed in 83.0.4103.106-1); sid: resolved (fixed in 83.0.4103.106-1); trixie: resolved (fi
debian
CVE-2020-6457 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1); bullseye: resolved (fixed in 83.0.4103.83-1); forky: resolved (fixed in 83.0.4103.83-1); sid: resolved (fixed in 83.0.4103.83-1); trixie: resol
debian
CVE-2020-16018 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in 87.0.4280.88-0.1); sid: resolved
debian
CVE-2020-6492 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.106-1 (bookworm) | 2020
Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.106-1); bullseye: resolved (fixed in 83.0.4103.106-1); forky: resolved (fixed in 83.0.4103.106-1); sid: resolved (fixed in 83.0.4103.106-1); trixie: resolved (fixe
debian
CVE-2020-16025 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in 87.0.4280.88-0.1); sid: re
debian
CVE-2020-6462 | CRITICAL | CVSS 9.6 | fixed in chromium 83.0.4103.83-1 (bookworm) | 2020
Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 83.0.4103.83-1); bullseye: resolved (fixed in 83.0.4103.83-1); forky: resolved (fixed in 83.0.4103.83-1); sid: resolved
debian
CVE-2020-15961 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in
debian
CVE-2020-16024 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in 87.0.4280.88-0.1); sid: resolved
debian
CVE-2020-16014 | CRITICAL | CVSS 9.6 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in 87.0.4280.88-0.1); sid: resolved (fi
debian
CVE-2020-16017 | CRITICAL | CVSS 9.6 | KEV | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1); bullseye: resolved (fixed in 87.0.4280.88-0.1); forky: resolved (fixed in 87.0.4280.88-0.1); sid: re
debian