Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-21 | CVE-2020-6484 | Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-05-21 | CVE-2020-6485 | Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-05-21 | CVE-2020-6487 | Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-05-21 | CVE-2020-6488 | Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6489 | Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6490 | Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6491 | Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-05-21 | CVE-2020-13112 | An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093. | Ubuntu_linux, Debian_linux, Libexif, Leap | 9.1 | ||
| 2020-05-21 | CVE-2020-13114 | An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data. | Ubuntu_linux, Libexif, Leap | 7.5 | ||
| 2020-05-21 | CVE-2020-13113 | An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions. | Ubuntu_linux, Debian_linux, Libexif, Leap | 8.2 |