High severityCISA KEVNVD Advisory· Published Jan 8, 2021· Updated Oct 21, 2025
CVE-2020-16017
CVE-2020-16017
Description
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
CefSharp.CommonNuGet | < 86.0.241 | 86.0.241 |
CefSharp.WpfNuGet | < 86.0.241 | 86.0.241 |
CefSharp.WinFormsNuGet | < 86.0.241 | 86.0.241 |
CefSharp.Wpf.HwndHostNuGet | < 86.0.241 | 86.0.241 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-gvqv-779r-4jgpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-16017ghsaADVISORY
- chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.htmlghsax_refsource_MISCWEB
- crbug.com/1146709ghsax_refsource_MISCWEB
- github.com/cefsharp/CefSharp/security/advisories/GHSA-gvqv-779r-4jgpghsaWEB
News mentions
0No linked articles in our index yet.