High severity8.8NVD Advisory· Published Jan 8, 2021· Updated Jun 17, 2026
CVE-2020-16037
CVE-2020-16037
Description
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Affected products
9- osv-coords7 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.1%20NonFreepkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.2%20NonFreepkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP2
< 87.0.4280.88-lp151.2.162.1+ 6 more
- (no CPE)range: < 87.0.4280.88-lp151.2.162.1
- (no CPE)range: < 87.0.4280.88-lp152.2.57.1
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 73.0.3856.284-lp151.2.39.1
- (no CPE)range: < 73.0.3856.284-lp152.2.27.1
- (no CPE)range: < 87.0.4280.88-bp151.3.147.1
- (no CPE)range: < 87.0.4280.88-bp152.2.44.1
Patches
Vulnerability mechanics
References
2- chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.htmlnvdRelease NotesVendor Advisory
- crbug.com/1142331nvdPermissions RequiredVendor Advisory
News mentions
0No linked articles in our index yet.