VuXML: chromium -- multiple vulnerabilities

VuXML ID	01ffd06a-36ed-11eb-b655-3065ec8fd3ec
Discovery	2020-12-02
Entry	2020-12-05

Chrome Releases reports:

This release contains 8 security fixes, including:

[1142331] High CVE-2020-16037: Use after free in clipboard. Reported by Ryoya Tsukasaki on 2020-10-26

[1138683] High CVE-2020-16038: Use after free in media. Reported by Khalil Zhani on 2020-10-14

[1149177] High CVE-2020-16039: Use after free in extensions. Reported by Anonymous on 2020-11-15

[1150649] High CVE-2020-16040: Insufficient data validation in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-11-19

[1151865] Medium CVE-2020-16041: Out of bounds read in networking. Reported by Sergei Glazunov and Mark Brand of Google Project Zero on 2020-11-23

[1151890] Medium CVE-2020-16042: Uninitialized Use in V8. Reported by André Bargull on 2020-11-2

[source]

CVE Name	CVE-2020-16037
CVE Name	CVE-2020-16038
CVE Name	CVE-2020-16039
CVE Name	CVE-2020-16040
CVE Name	CVE-2020-16041
CVE Name	CVE-2020-16042
URL	https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html

chromium -- multiple vulnerabilities

Details

References