Unrated severityNVD Advisory· Published Nov 3, 2020· Updated Aug 4, 2024
CVE-2020-16007
CVE-2020-16007
Description
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
Affected products
9- osv-coords8 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.1%20NonFreepkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.2%20NonFreepkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP2pkg:rpm/suse/gn&distro=SUSE%20Package%20Hub%2015%20SP2
< 86.0.4240.183-bp151.3.119.1+ 7 more
- (no CPE)range: < 86.0.4240.183-bp151.3.119.1
- (no CPE)range: < 86.0.4240.183-bp151.3.119.1
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 72.0.3815.320-lp152.2.21.1
- (no CPE)range: < 72.0.3815.320-lp152.2.21.1
- (no CPE)range: < 86.0.4240.183-bp151.3.119.1
- (no CPE)range: < 86.0.4240.183-bp152.2.26.1
- (no CPE)range: < 0.1807-bp152.2.3.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-11/msg00017.htmlmitrevendor-advisoryx_refsource_SUSE
- www.debian.org/security/2021/dsa-4824mitrevendor-advisoryx_refsource_DEBIAN
- chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.htmlmitrex_refsource_MISC
- crbug.com/1125018mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.