6.5
CVE-2020-6399
- EPSS 1.09%
- Veröffentlicht 11.02.2020 15:15:13
- Zuletzt bearbeitet 21.11.2024 05:35:39
- Quelle chrome-cve-admin@google.com
- CVE-Watchlists
- Unerledigt
LoginInsufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Opensuse ≫ Backports Sle Version15.0 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.09% | 0.773 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.