RHSA-2020:3377
Vulnerability from csaf_redhat - Published: 2020-08-10 06:40 - Updated: 2025-11-21 18:16Summary
Red Hat Security Advisory: chromium-browser security update
Severity
Critical
Notes
Topic: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 84.0.4147.105.
Security Fix(es):
* chromium-browser: Heap buffer overflow in background fetch (CVE-2020-6510)
* chromium-browser: Side-channel information leakage in content security policy (CVE-2020-6511)
* chromium-browser: Type Confusion in V8 (CVE-2020-6512)
* chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* chromium-browser: Use after free in tab strip (CVE-2020-6515)
* chromium-browser: Policy bypass in CORS (CVE-2020-6516)
* chromium-browser: Heap buffer overflow in history (CVE-2020-6517)
* chromium-browser: Use after free in SCTP (CVE-2020-6532)
* chromium-browser: Type Confusion in V8 (CVE-2020-6537)
* chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)
* chromium-browser: Use after free in CSS (CVE-2020-6539)
* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6540)
* chromium-browser: Use after free in WebUSB (CVE-2020-6541)
* chromium-browser: Use after free in developer tools (CVE-2020-6518)
* chromium-browser: Policy bypass in CSP (CVE-2020-6519)
* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520)
* chromium-browser: Side-channel information leakage in autofill (CVE-2020-6521)
* chromium-browser: Inappropriate implementation in external protocol handlers (CVE-2020-6522)
* chromium-browser: Out of bounds write in Skia (CVE-2020-6523)
* chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)
* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6525)
* chromium-browser: Inappropriate implementation in iframe sandbox (CVE-2020-6526)
* chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)
* chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6529)
* chromium-browser: Out of bounds memory access in developer tools (CVE-2020-6530)
* chromium-browser: Side-channel information leakage in scroll to text (CVE-2020-6531)
* chromium-browser: Type Confusion in V8 (CVE-2020-6533)
* chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)
* chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)
* chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
9.6 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page.
6.1 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
https://access.redhat.com/errata/RHSA-2020:3377
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 84.0.4147.105.\n\nSecurity Fix(es):\n\n* chromium-browser: Heap buffer overflow in background fetch (CVE-2020-6510)\n\n* chromium-browser: Side-channel information leakage in content security policy (CVE-2020-6511)\n\n* chromium-browser: Type Confusion in V8 (CVE-2020-6512)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* chromium-browser: Use after free in tab strip (CVE-2020-6515)\n\n* chromium-browser: Policy bypass in CORS (CVE-2020-6516)\n\n* chromium-browser: Heap buffer overflow in history (CVE-2020-6517)\n\n* chromium-browser: Use after free in SCTP (CVE-2020-6532)\n\n* chromium-browser: Type Confusion in V8 (CVE-2020-6537)\n\n* chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)\n\n* chromium-browser: Use after free in CSS (CVE-2020-6539)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6540)\n\n* chromium-browser: Use after free in WebUSB (CVE-2020-6541)\n\n* chromium-browser: Use after free in developer tools (CVE-2020-6518)\n\n* chromium-browser: Policy bypass in CSP (CVE-2020-6519)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520)\n\n* chromium-browser: Side-channel information leakage in autofill (CVE-2020-6521)\n\n* chromium-browser: Inappropriate implementation in external protocol handlers (CVE-2020-6522)\n\n* chromium-browser: Out of bounds write in Skia (CVE-2020-6523)\n\n* chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)\n\n* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6525)\n\n* chromium-browser: Inappropriate implementation in iframe sandbox (CVE-2020-6526)\n\n* chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)\n\n* chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6529)\n\n* chromium-browser: Out of bounds memory access in developer tools (CVE-2020-6530)\n\n* chromium-browser: Side-channel information leakage in scroll to text (CVE-2020-6531)\n\n* chromium-browser: Type Confusion in V8 (CVE-2020-6533)\n\n* chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)\n\n* chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)\n\n* chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3377",
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "1857320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857320"
},
{
"category": "external",
"summary": "1857321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857321"
},
{
"category": "external",
"summary": "1857322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857322"
},
{
"category": "external",
"summary": "1857323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857323"
},
{
"category": "external",
"summary": "1857324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857324"
},
{
"category": "external",
"summary": "1857325",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857325"
},
{
"category": "external",
"summary": "1857326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857326"
},
{
"category": "external",
"summary": "1857327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857327"
},
{
"category": "external",
"summary": "1857328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857328"
},
{
"category": "external",
"summary": "1857329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857329"
},
{
"category": "external",
"summary": "1857330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857330"
},
{
"category": "external",
"summary": "1857331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857331"
},
{
"category": "external",
"summary": "1857332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857332"
},
{
"category": "external",
"summary": "1857333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857333"
},
{
"category": "external",
"summary": "1857334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857334"
},
{
"category": "external",
"summary": "1857336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857336"
},
{
"category": "external",
"summary": "1857337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857337"
},
{
"category": "external",
"summary": "1857338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857338"
},
{
"category": "external",
"summary": "1857339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857339"
},
{
"category": "external",
"summary": "1857340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857340"
},
{
"category": "external",
"summary": "1857341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857341"
},
{
"category": "external",
"summary": "1857342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857342"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1857351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857351"
},
{
"category": "external",
"summary": "1857352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857352"
},
{
"category": "external",
"summary": "1857400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857400"
},
{
"category": "external",
"summary": "1861464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861464"
},
{
"category": "external",
"summary": "1861465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861465"
},
{
"category": "external",
"summary": "1861466",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861466"
},
{
"category": "external",
"summary": "1861467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861467"
},
{
"category": "external",
"summary": "1861468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861468"
},
{
"category": "external",
"summary": "1861469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861469"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3377.json"
}
],
"title": "Red Hat Security Advisory: chromium-browser security update",
"tracking": {
"current_release_date": "2025-11-21T18:16:06+00:00",
"generator": {
"date": "2025-11-21T18:16:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:3377",
"initial_release_date": "2020-08-10T06:40:20+00:00",
"revision_history": [
{
"date": "2020-08-10T06:40:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-10T06:40:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:16:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"product": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"product_id": "chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser@84.0.4147.105-2.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"product": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"product_id": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser-debuginfo@84.0.4147.105-2.el6_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"product": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"product_id": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser@84.0.4147.105-2.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"product": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"product_id": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chromium-browser-debuginfo@84.0.4147.105-2.el6_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6Client-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6Client-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6Server-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6Server-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
},
"product_reference": "chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.10.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6510",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857400"
}
],
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in background fetch",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6510"
},
{
"category": "external",
"summary": "RHBZ#1857400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6510"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "chromium-browser: Heap buffer overflow in background fetch"
},
{
"cve": "CVE-2020-6511",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857320"
}
],
"notes": [
{
"category": "description",
"text": "Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Side-channel information leakage in content security policy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6511"
},
{
"category": "external",
"summary": "RHBZ#1857320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6511"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Side-channel information leakage in content security policy"
},
{
"cve": "CVE-2020-6512",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857321"
}
],
"notes": [
{
"category": "description",
"text": "Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Type Confusion in V8",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6512"
},
{
"category": "external",
"summary": "RHBZ#1857321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857321"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6512"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Type Confusion in V8"
},
{
"cve": "CVE-2020-6513",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857322"
}
],
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in PDFium",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6513"
},
{
"category": "external",
"summary": "RHBZ#1857322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6513",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6513"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Heap buffer overflow in PDFium"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"cve": "CVE-2020-6515",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857323"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in tab strip",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6515"
},
{
"category": "external",
"summary": "RHBZ#1857323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857323"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6515",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6515"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in tab strip"
},
{
"cve": "CVE-2020-6516",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857324"
}
],
"notes": [
{
"category": "description",
"text": "Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Policy bypass in CORS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6516"
},
{
"category": "external",
"summary": "RHBZ#1857324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6516",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6516"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Policy bypass in CORS"
},
{
"cve": "CVE-2020-6517",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857351"
}
],
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in history",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6517"
},
{
"category": "external",
"summary": "RHBZ#1857351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6517",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6517"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Heap buffer overflow in history"
},
{
"cve": "CVE-2020-6518",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857325"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in developer tools",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6518"
},
{
"category": "external",
"summary": "RHBZ#1857325",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857325"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6518"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Use after free in developer tools"
},
{
"cve": "CVE-2020-6519",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857326"
}
],
"notes": [
{
"category": "description",
"text": "Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Policy bypass in CSP",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6519"
},
{
"category": "external",
"summary": "RHBZ#1857326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6519",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6519"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6519",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6519"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Policy bypass in CSP"
},
{
"cve": "CVE-2020-6520",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857327"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in Skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6520"
},
{
"category": "external",
"summary": "RHBZ#1857327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6520",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6520"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6520",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6520"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Heap buffer overflow in Skia"
},
{
"cve": "CVE-2020-6521",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857328"
}
],
"notes": [
{
"category": "description",
"text": "Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Side-channel information leakage in autofill",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6521"
},
{
"category": "external",
"summary": "RHBZ#1857328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857328"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6521"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6521",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6521"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Side-channel information leakage in autofill"
},
{
"cve": "CVE-2020-6522",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857352"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in external protocol handlers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6522"
},
{
"category": "external",
"summary": "RHBZ#1857352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857352"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6522"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Inappropriate implementation in external protocol handlers"
},
{
"cve": "CVE-2020-6523",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857329"
}
],
"notes": [
{
"category": "description",
"text": "Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Out of bounds write in Skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6523"
},
{
"category": "external",
"summary": "RHBZ#1857329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857329"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6523"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6523",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6523"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Out of bounds write in Skia"
},
{
"cve": "CVE-2020-6524",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857330"
}
],
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in WebAudio",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6524"
},
{
"category": "external",
"summary": "RHBZ#1857330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6524",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6524"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6524",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6524"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Heap buffer overflow in WebAudio"
},
{
"cve": "CVE-2020-6525",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857331"
}
],
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in Skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6525"
},
{
"category": "external",
"summary": "RHBZ#1857331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857331"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6525"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chromium-browser: Heap buffer overflow in Skia"
},
{
"cve": "CVE-2020-6526",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857332"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in iframe sandbox",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6526"
},
{
"category": "external",
"summary": "RHBZ#1857332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6526",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6526"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Inappropriate implementation in iframe sandbox"
},
{
"cve": "CVE-2020-6527",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857333"
}
],
"notes": [
{
"category": "description",
"text": "Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Insufficient policy enforcement in CSP",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6527"
},
{
"category": "external",
"summary": "RHBZ#1857333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6527"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6527",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6527"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Insufficient policy enforcement in CSP"
},
{
"cve": "CVE-2020-6528",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857334"
}
],
"notes": [
{
"category": "description",
"text": "Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Incorrect security UI in basic auth",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6528"
},
{
"category": "external",
"summary": "RHBZ#1857334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857334"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6528",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6528"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Incorrect security UI in basic auth"
},
{
"cve": "CVE-2020-6529",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857336"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6529"
},
{
"category": "external",
"summary": "RHBZ#1857336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6529",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6529"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6529",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6529"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"cve": "CVE-2020-6530",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857337"
}
],
"notes": [
{
"category": "description",
"text": "Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Out of bounds memory access in developer tools",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6530"
},
{
"category": "external",
"summary": "RHBZ#1857337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6530",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6530"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6530",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6530"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Out of bounds memory access in developer tools"
},
{
"cve": "CVE-2020-6531",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857338"
}
],
"notes": [
{
"category": "description",
"text": "Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Side-channel information leakage in scroll to text",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6531"
},
{
"category": "external",
"summary": "RHBZ#1857338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6531",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6531"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Side-channel information leakage in scroll to text"
},
{
"cve": "CVE-2020-6532",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861466"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in SCTP",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6532"
},
{
"category": "external",
"summary": "RHBZ#1861466",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861466"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6532",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6532"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html"
}
],
"release_date": "2020-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in SCTP"
},
{
"cve": "CVE-2020-6533",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857339"
}
],
"notes": [
{
"category": "description",
"text": "Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Type Confusion in V8",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6533"
},
{
"category": "external",
"summary": "RHBZ#1857339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6533",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6533"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Type Confusion in V8"
},
{
"cve": "CVE-2020-6534",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857340"
}
],
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6534"
},
{
"category": "external",
"summary": "RHBZ#1857340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6534",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6534"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Heap buffer overflow in WebRTC"
},
{
"cve": "CVE-2020-6535",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857341"
}
],
"notes": [
{
"category": "description",
"text": "Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Insufficient data validation in WebUI",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6535"
},
{
"category": "external",
"summary": "RHBZ#1857341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6535",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6535"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Insufficient data validation in WebUI"
},
{
"cve": "CVE-2020-6536",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857342"
}
],
"notes": [
{
"category": "description",
"text": "Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Incorrect security UI in PWAs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6536"
},
{
"category": "external",
"summary": "RHBZ#1857342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6536",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6536"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "chromium-browser: Incorrect security UI in PWAs"
},
{
"cve": "CVE-2020-6537",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861464"
}
],
"notes": [
{
"category": "description",
"text": "Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Type Confusion in V8",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6537"
},
{
"category": "external",
"summary": "RHBZ#1861464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6537",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6537"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html"
}
],
"release_date": "2020-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Type Confusion in V8"
},
{
"cve": "CVE-2020-6538",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861465"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebView",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6538"
},
{
"category": "external",
"summary": "RHBZ#1861465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861465"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6538",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6538"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html"
}
],
"release_date": "2020-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebView"
},
{
"cve": "CVE-2020-6539",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861467"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in CSS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6539"
},
{
"category": "external",
"summary": "RHBZ#1861467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6539",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6539"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html"
}
],
"release_date": "2020-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in CSS"
},
{
"cve": "CVE-2020-6540",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861468"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Heap buffer overflow in Skia",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6540"
},
{
"category": "external",
"summary": "RHBZ#1861468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861468"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6540",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6540"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html"
}
],
"release_date": "2020-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Heap buffer overflow in Skia"
},
{
"cve": "CVE-2020-6541",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861469"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in WebUSB",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6541"
},
{
"category": "external",
"summary": "RHBZ#1861469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861469"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6541",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6541"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html"
}
],
"release_date": "2020-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-10T06:40:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.",
"product_ids": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3377"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-0:84.0.4147.105-2.el6_10.x86_64",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.i686",
"6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:84.0.4147.105-2.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in WebUSB"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…