rpm package

suse/gn&distro=SUSE Package Hub 15 SP2

pkg:rpm/suse/gn&distro=SUSE%20Package%20Hub%2015%20SP2

Vulnerabilities (39)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2020-15984	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.
CVE-2020-15983	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.
CVE-2020-15982	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-15981	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-15980	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
CVE-2020-15979	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15978	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
CVE-2020-15977	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
CVE-2020-15976	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15975	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15974	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2020-15973	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.
CVE-2020-15971	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15970	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15969	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15968	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15967	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15999	—	KEV	< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15972	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-15984Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.
CVE-2020-15983Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.
CVE-2020-15982Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-15981Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-15980Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
CVE-2020-15979Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15978Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
CVE-2020-15977Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
CVE-2020-15976Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15975Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15974Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2020-15973Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.
CVE-2020-15971Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15970Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15969Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15968Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15967Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15999KEVNov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15972Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 2 of 2