QwikSec

Security Database

CVE

CWE

Training

CVE-2020-6438

Published: Apr 13, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

Vendor	Product	Versions
Google	Chrome	affected `unspecified - < 81.0.4044.92`

References

https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html

x_refsource_MISC

https://crbug.com/714617

x_refsource_MISC

openSUSE-SU-2020:0519

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:0540

vendor-advisory

x_refsource_SUSE

FEDORA-2020-b82a634e27

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-0e7f1b663b

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-da49fbb17c

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.