CVE-2020-6433

Advisory lineage Upstream: 0 Downstream: 9
Modified
Published: 13 Apr 2020, 17:30
Last modified:04 Aug 2024, 09:02

Vulnerability Summary

Overall Risk (default)
low
17/100
CVSS Score
4.3 MEDIUM
v3.1 (nvd)
EPSS Score
0.74% LOW
1% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

13 Apr 2020, 17:30
Published
Vulnerability first disclosed
04 Aug 2024, 09:02
Last Modified
Vulnerability information updated

Description

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

CVSS Metrics

  • v3.1MEDIUMScore: 4.3CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
  • v2.0MEDIUMScore: 4.3AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 0.74% Percentile: 73%

Affected Systems

  • debiandebian_linux

    9.0 | 10.0

  • fedoraprojectfedora

    30 | 31 | 32

  • googlechrome

    < 81.0.4044.92 | ≥ unspecified, < 81.0.4044.92

  • opensusebackports

    sle-15:sp1

  • opensuseleap

    15.1

References (8)