{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for chromium","title":"Title of the patch"},{"category":"description","text":"This update for chromium fixes the following issues:\n\nChromium was updated to version 80.0.3987.87 (boo#1162833).\n\nSecurity issues fixed:\n\n- CVE-2020-6381: Integer overflow in JavaScript (boo#1162833).\n- CVE-2020-6382: Type Confusion in JavaScript (boo#1162833).\n- CVE-2019-18197: Multiple vulnerabilities in XML (boo#1162833).\n- CVE-2019-19926: Inappropriate implementation in SQLite (boo#1162833).\n- CVE-2020-6385: Insufficient policy enforcement in storage (boo#1162833).\n- CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite (boo#1162833).\n- CVE-2020-6387: Out of bounds write in WebRTC (boo#1162833).\n- CVE-2020-6388: Out of bounds memory access in WebAudio (boo#1162833).\n- CVE-2020-6389: Out of bounds write in WebRTC (boo#1162833).\n- CVE-2020-6390: Out of bounds memory access in streams (boo#1162833).\n- CVE-2020-6391: Insufficient validation of untrusted input in Blink (boo#1162833).\n- CVE-2020-6392: Insufficient policy enforcement in extensions (boo#1162833).\n- CVE-2020-6393: Insufficient policy enforcement in Blink (boo#1162833).\n- CVE-2020-6394: Insufficient policy enforcement in Blink (boo#1162833).\n- CVE-2020-6395: Out of bounds read in JavaScript (boo#1162833).\n- CVE-2020-6396: Inappropriate implementation in Skia (boo#1162833).\n- CVE-2020-6397: Incorrect security UI in sharing (boo#1162833).\n- CVE-2020-6398: Uninitialized use in PDFium (boo#1162833).\n- CVE-2020-6399: Insufficient policy enforcement in AppCache (boo#1162833).\n- CVE-2020-6400: Inappropriate implementation in CORS (boo#1162833).\n- CVE-2020-6401: Insufficient validation of untrusted input in Omnibox (boo#1162833).\n- CVE-2020-6402: Insufficient policy enforcement in downloads (boo#1162833).\n- CVE-2020-6403: Incorrect security UI in Omnibox (boo#1162833).\n- CVE-2020-6404: Inappropriate implementation in Blink (boo#1162833).\n- CVE-2020-6405: Out of bounds read in SQLite (boo#1162833).\n- CVE-2020-6406: Use after free in audio (boo#1162833).\n- CVE-2019-19923: Out of bounds memory access in SQLite (boo#1162833).\n- CVE-2020-6408: Insufficient policy enforcement in CORS (boo#1162833).\n- CVE-2020-6409: Inappropriate implementation in Omnibox (boo#1162833).\n- CVE-2020-6410: Insufficient policy enforcement in navigation (boo#1162833).\n- CVE-2020-6411: Insufficient validation of untrusted input in Omnibox (boo#1162833).\n- CVE-2020-6412: Insufficient validation of untrusted input in Omnibox (boo#1162833).\n- CVE-2020-6413: Inappropriate implementation in Blink (boo#1162833).\n- CVE-2020-6414: Insufficient policy enforcement in Safe Browsing (boo#1162833).\n- CVE-2020-6415: Inappropriate implementation in JavaScript (boo#1162833).\n- CVE-2020-6416: Insufficient data validation in streams (boo#1162833).\n- CVE-2020-6417: Inappropriate implementation in installer (boo#1162833).\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.","title":"Description of the patch"},{"category":"details","text":"openSUSE-2020-210","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0210-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2020:0210-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AAOUMLFZMVYH6TYWJSSQ6OXQGLVPDPJ6/"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2020:0210-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AAOUMLFZMVYH6TYWJSSQ6OXQGLVPDPJ6/"},{"category":"self","summary":"SUSE Bug 1162833","url":"https://bugzilla.suse.com/1162833"},{"category":"self","summary":"SUSE CVE CVE-2019-18197 page","url":"https://www.suse.com/security/cve/CVE-2019-18197/"},{"category":"self","summary":"SUSE CVE CVE-2019-19880 page","url":"https://www.suse.com/security/cve/CVE-2019-19880/"},{"category":"self","summary":"SUSE CVE CVE-2019-19923 page","url":"https://www.suse.com/security/cve/CVE-2019-19923/"},{"category":"self","summary":"SUSE CVE CVE-2019-19925 page","url":"https://www.suse.com/security/cve/CVE-2019-19925/"},{"category":"self","summary":"SUSE CVE CVE-2019-19926 page","url":"https://www.suse.com/security/cve/CVE-2019-19926/"},{"category":"self","summary":"SUSE CVE CVE-2020-6381 page","url":"https://www.suse.com/security/cve/CVE-2020-6381/"},{"category":"self","summary":"SUSE CVE CVE-2020-6382 page","url":"https://www.suse.com/security/cve/CVE-2020-6382/"},{"category":"self","summary":"SUSE CVE CVE-2020-6385 page","url":"https://www.suse.com/security/cve/CVE-2020-6385/"},{"category":"self","summary":"SUSE CVE CVE-2020-6387 page","url":"https://www.suse.com/security/cve/CVE-2020-6387/"},{"category":"self","summary":"SUSE CVE CVE-2020-6388 page","url":"https://www.suse.com/security/cve/CVE-2020-6388/"},{"category":"self","summary":"SUSE CVE CVE-2020-6389 page","url":"https://www.suse.com/security/cve/CVE-2020-6389/"},{"category":"self","summary":"SUSE CVE CVE-2020-6390 page","url":"https://www.suse.com/security/cve/CVE-2020-6390/"},{"category":"self","summary":"SUSE CVE CVE-2020-6391 page","url":"https://www.suse.com/security/cve/CVE-2020-6391/"},{"category":"self","summary":"SUSE CVE CVE-2020-6392 page","url":"https://www.suse.com/security/cve/CVE-2020-6392/"},{"category":"self","summary":"SUSE CVE CVE-2020-6393 page","url":"https://www.suse.com/security/cve/CVE-2020-6393/"},{"category":"self","summary":"SUSE CVE CVE-2020-6394 page","url":"https://www.suse.com/security/cve/CVE-2020-6394/"},{"category":"self","summary":"SUSE CVE CVE-2020-6395 page","url":"https://www.suse.com/security/cve/CVE-2020-6395/"},{"category":"self","summary":"SUSE CVE CVE-2020-6396 page","url":"https://www.suse.com/security/cve/CVE-2020-6396/"},{"category":"self","summary":"SUSE CVE CVE-2020-6397 page","url":"https://www.suse.com/security/cve/CVE-2020-6397/"},{"category":"self","summary":"SUSE CVE CVE-2020-6398 page","url":"https://www.suse.com/security/cve/CVE-2020-6398/"},{"category":"self","summary":"SUSE CVE CVE-2020-6399 page","url":"https://www.suse.com/security/cve/CVE-2020-6399/"},{"category":"self","summary":"SUSE CVE CVE-2020-6400 page","url":"https://www.suse.com/security/cve/CVE-2020-6400/"},{"category":"self","summary":"SUSE CVE CVE-2020-6401 page","url":"https://www.suse.com/security/cve/CVE-2020-6401/"},{"category":"self","summary":"SUSE CVE CVE-2020-6402 page","url":"https://www.suse.com/security/cve/CVE-2020-6402/"},{"category":"self","summary":"SUSE CVE CVE-2020-6403 page","url":"https://www.suse.com/security/cve/CVE-2020-6403/"},{"category":"self","summary":"SUSE CVE CVE-2020-6404 page","url":"https://www.suse.com/security/cve/CVE-2020-6404/"},{"category":"self","summary":"SUSE CVE CVE-2020-6405 page","url":"https://www.suse.com/security/cve/CVE-2020-6405/"},{"category":"self","summary":"SUSE CVE CVE-2020-6406 page","url":"https://www.suse.com/security/cve/CVE-2020-6406/"},{"category":"self","summary":"SUSE CVE CVE-2020-6408 page","url":"https://www.suse.com/security/cve/CVE-2020-6408/"},{"category":"self","summary":"SUSE CVE CVE-2020-6409 page","url":"https://www.suse.com/security/cve/CVE-2020-6409/"},{"category":"self","summary":"SUSE CVE CVE-2020-6410 page","url":"https://www.suse.com/security/cve/CVE-2020-6410/"},{"category":"self","summary":"SUSE CVE CVE-2020-6411 page","url":"https://www.suse.com/security/cve/CVE-2020-6411/"},{"category":"self","summary":"SUSE CVE CVE-2020-6412 page","url":"https://www.suse.com/security/cve/CVE-2020-6412/"},{"category":"self","summary":"SUSE CVE CVE-2020-6413 page","url":"https://www.suse.com/security/cve/CVE-2020-6413/"},{"category":"self","summary":"SUSE CVE CVE-2020-6414 page","url":"https://www.suse.com/security/cve/CVE-2020-6414/"},{"category":"self","summary":"SUSE CVE CVE-2020-6415 page","url":"https://www.suse.com/security/cve/CVE-2020-6415/"},{"category":"self","summary":"SUSE CVE CVE-2020-6416 page","url":"https://www.suse.com/security/cve/CVE-2020-6416/"},{"category":"self","summary":"SUSE CVE CVE-2020-6417 page","url":"https://www.suse.com/security/cve/CVE-2020-6417/"}],"title":"Security update for chromium","tracking":{"current_release_date":"2020-02-12T05:12:32Z","generator":{"date":"2020-02-12T05:12:32Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2020:0210-1","initial_release_date":"2020-02-12T05:12:32Z","revision_history":[{"date":"2020-02-12T05:12:32Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","product":{"name":"chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","product_id":"chromedriver-80.0.3987.87-bp151.3.59.1.aarch64"}},{"category":"product_version","name":"chromium-80.0.3987.87-bp151.3.59.1.aarch64","product":{"name":"chromium-80.0.3987.87-bp151.3.59.1.aarch64","product_id":"chromium-80.0.3987.87-bp151.3.59.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","product":{"name":"chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","product_id":"chromedriver-80.0.3987.87-bp151.3.59.1.x86_64"}},{"category":"product_version","name":"chromium-80.0.3987.87-bp151.3.59.1.x86_64","product":{"name":"chromium-80.0.3987.87-bp151.3.59.1.x86_64","product_id":"chromium-80.0.3987.87-bp151.3.59.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Package Hub 15 SP1","product":{"name":"SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"chromedriver-80.0.3987.87-bp151.3.59.1.aarch64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64"},"product_reference":"chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"chromedriver-80.0.3987.87-bp151.3.59.1.x86_64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64"},"product_reference":"chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"chromium-80.0.3987.87-bp151.3.59.1.aarch64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64"},"product_reference":"chromium-80.0.3987.87-bp151.3.59.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"chromium-80.0.3987.87-bp151.3.59.1.x86_64 as component of SUSE Package Hub 15 SP1","product_id":"SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"},"product_reference":"chromium-80.0.3987.87-bp151.3.59.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15 SP1"}]},"vulnerabilities":[{"cve":"CVE-2019-18197","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-18197"}],"notes":[{"category":"general","text":"In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-18197","url":"https://www.suse.com/security/cve/CVE-2019-18197"},{"category":"external","summary":"SUSE Bug 1154609 for CVE-2019-18197","url":"https://bugzilla.suse.com/1154609"},{"category":"external","summary":"SUSE Bug 1157028 for CVE-2019-18197","url":"https://bugzilla.suse.com/1157028"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2019-18197","url":"https://bugzilla.suse.com/1162833"},{"category":"external","summary":"SUSE Bug 1169511 for CVE-2019-18197","url":"https://bugzilla.suse.com/1169511"},{"category":"external","summary":"SUSE Bug 1190108 for CVE-2019-18197","url":"https://bugzilla.suse.com/1190108"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2019-18197"},{"cve":"CVE-2019-19880","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-19880"}],"notes":[{"category":"general","text":"exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-19880","url":"https://www.suse.com/security/cve/CVE-2019-19880"},{"category":"external","summary":"SUSE Bug 1159491 for CVE-2019-19880","url":"https://bugzilla.suse.com/1159491"},{"category":"external","summary":"SUSE Bug 1159715 for CVE-2019-19880","url":"https://bugzilla.suse.com/1159715"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2019-19880","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2019-19880"},{"cve":"CVE-2019-19923","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-19923"}],"notes":[{"category":"general","text":"flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-19923","url":"https://www.suse.com/security/cve/CVE-2019-19923"},{"category":"external","summary":"SUSE Bug 1160309 for CVE-2019-19923","url":"https://bugzilla.suse.com/1160309"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2019-19923","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"moderate"}],"title":"CVE-2019-19923"},{"cve":"CVE-2019-19925","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-19925"}],"notes":[{"category":"general","text":"zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-19925","url":"https://www.suse.com/security/cve/CVE-2019-19925"},{"category":"external","summary":"SUSE Bug 1159847 for CVE-2019-19925","url":"https://bugzilla.suse.com/1159847"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2019-19925","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"low"}],"title":"CVE-2019-19925"},{"cve":"CVE-2019-19926","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-19926"}],"notes":[{"category":"general","text":"multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-19926","url":"https://www.suse.com/security/cve/CVE-2019-19926"},{"category":"external","summary":"SUSE Bug 1159491 for CVE-2019-19926","url":"https://bugzilla.suse.com/1159491"},{"category":"external","summary":"SUSE Bug 1159715 for CVE-2019-19926","url":"https://bugzilla.suse.com/1159715"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2019-19926","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2019-19926"},{"cve":"CVE-2020-6381","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6381"}],"notes":[{"category":"general","text":"Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6381","url":"https://www.suse.com/security/cve/CVE-2020-6381"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6381","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6381"},{"cve":"CVE-2020-6382","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6382"}],"notes":[{"category":"general","text":"Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6382","url":"https://www.suse.com/security/cve/CVE-2020-6382"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6382","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6382"},{"cve":"CVE-2020-6385","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6385"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6385","url":"https://www.suse.com/security/cve/CVE-2020-6385"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6385","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6385"},{"cve":"CVE-2020-6387","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6387"}],"notes":[{"category":"general","text":"Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6387","url":"https://www.suse.com/security/cve/CVE-2020-6387"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6387","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6387"},{"cve":"CVE-2020-6388","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6388"}],"notes":[{"category":"general","text":"Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6388","url":"https://www.suse.com/security/cve/CVE-2020-6388"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6388","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6388"},{"cve":"CVE-2020-6389","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6389"}],"notes":[{"category":"general","text":"Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6389","url":"https://www.suse.com/security/cve/CVE-2020-6389"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6389","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6389"},{"cve":"CVE-2020-6390","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6390"}],"notes":[{"category":"general","text":"Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6390","url":"https://www.suse.com/security/cve/CVE-2020-6390"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6390","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6390"},{"cve":"CVE-2020-6391","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6391"}],"notes":[{"category":"general","text":"Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6391","url":"https://www.suse.com/security/cve/CVE-2020-6391"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6391","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6391"},{"cve":"CVE-2020-6392","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6392"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6392","url":"https://www.suse.com/security/cve/CVE-2020-6392"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6392","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6392"},{"cve":"CVE-2020-6393","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6393"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6393","url":"https://www.suse.com/security/cve/CVE-2020-6393"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6393","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6393"},{"cve":"CVE-2020-6394","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6394"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6394","url":"https://www.suse.com/security/cve/CVE-2020-6394"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6394","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6394"},{"cve":"CVE-2020-6395","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6395"}],"notes":[{"category":"general","text":"Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6395","url":"https://www.suse.com/security/cve/CVE-2020-6395"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6395","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6395"},{"cve":"CVE-2020-6396","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6396"}],"notes":[{"category":"general","text":"Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6396","url":"https://www.suse.com/security/cve/CVE-2020-6396"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6396","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6396"},{"cve":"CVE-2020-6397","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6397"}],"notes":[{"category":"general","text":"Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6397","url":"https://www.suse.com/security/cve/CVE-2020-6397"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6397","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6397"},{"cve":"CVE-2020-6398","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6398"}],"notes":[{"category":"general","text":"Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6398","url":"https://www.suse.com/security/cve/CVE-2020-6398"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6398","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6398"},{"cve":"CVE-2020-6399","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6399"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6399","url":"https://www.suse.com/security/cve/CVE-2020-6399"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6399","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6399"},{"cve":"CVE-2020-6400","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6400"}],"notes":[{"category":"general","text":"Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6400","url":"https://www.suse.com/security/cve/CVE-2020-6400"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6400","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6400"},{"cve":"CVE-2020-6401","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6401"}],"notes":[{"category":"general","text":"Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6401","url":"https://www.suse.com/security/cve/CVE-2020-6401"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6401","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6401"},{"cve":"CVE-2020-6402","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6402"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6402","url":"https://www.suse.com/security/cve/CVE-2020-6402"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6402","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6402"},{"cve":"CVE-2020-6403","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6403"}],"notes":[{"category":"general","text":"Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6403","url":"https://www.suse.com/security/cve/CVE-2020-6403"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6403","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6403"},{"cve":"CVE-2020-6404","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6404"}],"notes":[{"category":"general","text":"Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6404","url":"https://www.suse.com/security/cve/CVE-2020-6404"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6404","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6404"},{"cve":"CVE-2020-6405","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6405"}],"notes":[{"category":"general","text":"Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6405","url":"https://www.suse.com/security/cve/CVE-2020-6405"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6405","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6405"},{"cve":"CVE-2020-6406","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6406"}],"notes":[{"category":"general","text":"Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6406","url":"https://www.suse.com/security/cve/CVE-2020-6406"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6406","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6406"},{"cve":"CVE-2020-6408","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6408"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6408","url":"https://www.suse.com/security/cve/CVE-2020-6408"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6408","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6408"},{"cve":"CVE-2020-6409","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6409"}],"notes":[{"category":"general","text":"Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6409","url":"https://www.suse.com/security/cve/CVE-2020-6409"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6409","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6409"},{"cve":"CVE-2020-6410","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6410"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6410","url":"https://www.suse.com/security/cve/CVE-2020-6410"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6410","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6410"},{"cve":"CVE-2020-6411","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6411"}],"notes":[{"category":"general","text":"Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6411","url":"https://www.suse.com/security/cve/CVE-2020-6411"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6411","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6411"},{"cve":"CVE-2020-6412","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6412"}],"notes":[{"category":"general","text":"Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6412","url":"https://www.suse.com/security/cve/CVE-2020-6412"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6412","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6412"},{"cve":"CVE-2020-6413","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6413"}],"notes":[{"category":"general","text":"Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6413","url":"https://www.suse.com/security/cve/CVE-2020-6413"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6413","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6413"},{"cve":"CVE-2020-6414","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6414"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6414","url":"https://www.suse.com/security/cve/CVE-2020-6414"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6414","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6414"},{"cve":"CVE-2020-6415","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6415"}],"notes":[{"category":"general","text":"Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6415","url":"https://www.suse.com/security/cve/CVE-2020-6415"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6415","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6415"},{"cve":"CVE-2020-6416","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6416"}],"notes":[{"category":"general","text":"Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6416","url":"https://www.suse.com/security/cve/CVE-2020-6416"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6416","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6416"},{"cve":"CVE-2020-6417","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6417"}],"notes":[{"category":"general","text":"Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6417","url":"https://www.suse.com/security/cve/CVE-2020-6417"},{"category":"external","summary":"SUSE Bug 1162833 for CVE-2020-6417","url":"https://bugzilla.suse.com/1162833"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromedriver-80.0.3987.87-bp151.3.59.1.x86_64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.aarch64","SUSE Package Hub 15 SP1:chromium-80.0.3987.87-bp151.3.59.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-02-12T05:12:32Z","details":"important"}],"title":"CVE-2020-6417"}]}