CRITICAL 9.6 KEV Publié le 2020-11-03

CVE-2020-15999

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA Known Exploited Vulnerability

Ajouté au KEV: 2021-11-03
Deadline remédiation: 2021-11-17
Action requise: Apply updates per vendor instructions.
Ransomware: Non

Apps mobiles affectées

com.google.chrome.ios

1 CVE 1 KEV

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
google	chrome	Android	<86.0.4240.111	cpe:2.3:a:google:chrome::::::::
google	chrome	iOS	<86.0.4240.111	cpe:2.3:a:google:chrome::::::::

Voir sur NVD ↗ Catalogue CISA KEV ↗