7.8

CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 85.0.4183.102
   ApplemacOS X Version-
OpensuseBackports Sle Version15.0 Updatesp1
OpensuseBackports Sle Version15.0 Updatesp2
OpensuseLeap Version15.1
OpensuseLeap Version15.2
DebianDebian Linux Version10.0
FedoraprojectFedora Version31
FedoraprojectFedora Version33
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.275
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://www.debian.org/security/2021/dsa-4824
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html
Patch
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html
Broken Link
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop.html
Vendor Advisory
Release Notes
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZIGAOCZKBT4LV363BCPRA5FLY25I/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNIYFJST4TFJYFZ27VODBOINCLBGULTD/
https://crbug.com/1102196
Vendor Advisory
Permissions Required