Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-13 CVE-2020-6442 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-668
4.3
4.3
2020-04-13 CVE-2020-6441 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
4.3
4.3
2020-04-13 CVE-2020-6440 Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
network
low complexity
google debian fedoraproject opensuse
4.3
4.3
2020-04-13 CVE-2020-6438 Information Exposure Through an Error Message vulnerability in multiple products
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
network
low complexity
google debian fedoraproject opensuse CWE-209
4.3
4.3
2020-04-13 CVE-2020-6437 Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.
network
low complexity
google debian fedoraproject opensuse
4.3
4.3
2020-04-13 CVE-2020-6435 Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse
4.3
4.3
2020-04-13 CVE-2020-6433 Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse
4.3
4.3
2020-04-13 CVE-2020-6432 Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse
4.3
4.3
2020-04-13 CVE-2020-6431 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
4.3
4.3
2020-04-13 CVE-2020-1759 A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session.
network
high complexity
redhat linuxfoundation fedoraproject
6.8
6.8