CVE-2020-16041
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
08/01/2021
Last modified:
17/06/2026
Description
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
Impact
Base Score 3.x
8.10
Severity 3.x
HIGH
Base Score 2.0
5.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 87.0.4280.88 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://packetstormsecurity.com/files/161581/Chrome-DataElement-Out-Of-Bounds-Read.html
- https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html
- https://crbug.com/1151865
- http://packetstormsecurity.com/files/161581/Chrome-DataElement-Out-Of-Bounds-Read.html
- https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html
- https://crbug.com/1151865



