{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"critical"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for chromium","title":"Title of the patch"},{"category":"description","text":"This update for chromium fixes the following issues:\n\n-chromium was updated to 86.0.4240.75 (boo#1177408):\n   - CVE-2020-15967: Fixed Use after free in payments.\n   - CVE-2020-15968: Fixed Use after free in Blink.\n   - CVE-2020-15969: Fixed Use after free in WebRTC. \n   - CVE-2020-15970: Fixed Use after free in NFC.\n   - CVE-2020-15971: Fixed Use after free in printing. \n   - CVE-2020-15972: Fixed Use after free in audio. \n   - CVE-2020-15990: Fixed Use after free in autofill. \n   - CVE-2020-15991: Fixed Use after free in password manager.\n   - CVE-2020-15973: Fixed Insufficient policy enforcement in extensions.\n   - CVE-2020-15974: Fixed Integer overflow in Blink. \n   - CVE-2020-15975: Fixed Integer overflow in SwiftShader. \n   - CVE-2020-15976: Fixed Use after free in WebXR. \n   - CVE-2020-6557: Fixed Inappropriate implementation in networking. \n   - CVE-2020-15977: Fixed Insufficient data validation in dialogs.\n   - CVE-2020-15978: Fixed Insufficient data validation in navigation.\n   - CVE-2020-15979: Fixed Inappropriate implementation in V8.\n   - CVE-2020-15980: Fixed Insufficient policy enforcement in Intents.\n   - CVE-2020-15981: Fixed Out of bounds read in audio. \n   - CVE-2020-15982: Fixed Side-channel information leakage in cache. \n   - CVE-2020-15983: Fixed Insufficient data validation in webUI.\n   - CVE-2020-15984: Fixed Insufficient policy enforcement in Omnibox. \n   - CVE-2020-15985: Fixed Inappropriate implementation in Blink. \n   - CVE-2020-15986: Fixed Integer overflow in media. \n   - CVE-2020-15987: Fixed Use after free in WebRTC. \n   - CVE-2020-15992: Fixed Insufficient policy enforcement in networking. \n   - CVE-2020-15988: Fixed Insufficient policy enforcement in downloads.\n   - CVE-2020-15989: Fixed Uninitialized Use in PDFium. \n\n","title":"Description of the patch"},{"category":"details","text":"openSUSE-2020-1705","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1705-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2020:1705-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RSRYM5HZR7DJFCM4PTV3322SCZDBNVEX/"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2020:1705-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RSRYM5HZR7DJFCM4PTV3322SCZDBNVEX/"},{"category":"self","summary":"SUSE Bug 1177408","url":"https://bugzilla.suse.com/1177408"},{"category":"self","summary":"SUSE CVE CVE-2020-15967 page","url":"https://www.suse.com/security/cve/CVE-2020-15967/"},{"category":"self","summary":"SUSE CVE CVE-2020-15968 page","url":"https://www.suse.com/security/cve/CVE-2020-15968/"},{"category":"self","summary":"SUSE CVE CVE-2020-15969 page","url":"https://www.suse.com/security/cve/CVE-2020-15969/"},{"category":"self","summary":"SUSE CVE CVE-2020-15970 page","url":"https://www.suse.com/security/cve/CVE-2020-15970/"},{"category":"self","summary":"SUSE CVE CVE-2020-15971 page","url":"https://www.suse.com/security/cve/CVE-2020-15971/"},{"category":"self","summary":"SUSE CVE CVE-2020-15972 page","url":"https://www.suse.com/security/cve/CVE-2020-15972/"},{"category":"self","summary":"SUSE CVE CVE-2020-15973 page","url":"https://www.suse.com/security/cve/CVE-2020-15973/"},{"category":"self","summary":"SUSE CVE CVE-2020-15974 page","url":"https://www.suse.com/security/cve/CVE-2020-15974/"},{"category":"self","summary":"SUSE CVE CVE-2020-15975 page","url":"https://www.suse.com/security/cve/CVE-2020-15975/"},{"category":"self","summary":"SUSE CVE CVE-2020-15976 page","url":"https://www.suse.com/security/cve/CVE-2020-15976/"},{"category":"self","summary":"SUSE CVE CVE-2020-15977 page","url":"https://www.suse.com/security/cve/CVE-2020-15977/"},{"category":"self","summary":"SUSE CVE CVE-2020-15978 page","url":"https://www.suse.com/security/cve/CVE-2020-15978/"},{"category":"self","summary":"SUSE CVE CVE-2020-15979 page","url":"https://www.suse.com/security/cve/CVE-2020-15979/"},{"category":"self","summary":"SUSE CVE CVE-2020-15980 page","url":"https://www.suse.com/security/cve/CVE-2020-15980/"},{"category":"self","summary":"SUSE CVE CVE-2020-15981 page","url":"https://www.suse.com/security/cve/CVE-2020-15981/"},{"category":"self","summary":"SUSE CVE CVE-2020-15982 page","url":"https://www.suse.com/security/cve/CVE-2020-15982/"},{"category":"self","summary":"SUSE CVE CVE-2020-15983 page","url":"https://www.suse.com/security/cve/CVE-2020-15983/"},{"category":"self","summary":"SUSE CVE CVE-2020-15984 page","url":"https://www.suse.com/security/cve/CVE-2020-15984/"},{"category":"self","summary":"SUSE CVE CVE-2020-15985 page","url":"https://www.suse.com/security/cve/CVE-2020-15985/"},{"category":"self","summary":"SUSE CVE CVE-2020-15986 page","url":"https://www.suse.com/security/cve/CVE-2020-15986/"},{"category":"self","summary":"SUSE CVE CVE-2020-15987 page","url":"https://www.suse.com/security/cve/CVE-2020-15987/"},{"category":"self","summary":"SUSE CVE CVE-2020-15988 page","url":"https://www.suse.com/security/cve/CVE-2020-15988/"},{"category":"self","summary":"SUSE CVE CVE-2020-15989 page","url":"https://www.suse.com/security/cve/CVE-2020-15989/"},{"category":"self","summary":"SUSE CVE CVE-2020-15990 page","url":"https://www.suse.com/security/cve/CVE-2020-15990/"},{"category":"self","summary":"SUSE CVE CVE-2020-15991 page","url":"https://www.suse.com/security/cve/CVE-2020-15991/"},{"category":"self","summary":"SUSE CVE CVE-2020-15992 page","url":"https://www.suse.com/security/cve/CVE-2020-15992/"},{"category":"self","summary":"SUSE CVE CVE-2020-6557 page","url":"https://www.suse.com/security/cve/CVE-2020-6557/"}],"title":"Security update for chromium","tracking":{"current_release_date":"2020-10-22T05:51:33Z","generator":{"date":"2020-10-22T05:51:33Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2020:1705-1","initial_release_date":"2020-10-22T05:51:33Z","revision_history":[{"date":"2020-10-22T05:51:33Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","product":{"name":"chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","product_id":"chromedriver-86.0.4240.75-lp152.2.39.1.x86_64"}},{"category":"product_version","name":"chromium-86.0.4240.75-lp152.2.39.1.x86_64","product":{"name":"chromium-86.0.4240.75-lp152.2.39.1.x86_64","product_id":"chromium-86.0.4240.75-lp152.2.39.1.x86_64"}},{"category":"product_version","name":"gn-0.1807-lp152.2.3.1.x86_64","product":{"name":"gn-0.1807-lp152.2.3.1.x86_64","product_id":"gn-0.1807-lp152.2.3.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Leap 15.1","product":{"name":"openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.1"}}},{"category":"product_name","name":"openSUSE Leap 15.2","product":{"name":"openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.2"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"chromedriver-86.0.4240.75-lp152.2.39.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64"},"product_reference":"chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"chromium-86.0.4240.75-lp152.2.39.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64"},"product_reference":"chromium-86.0.4240.75-lp152.2.39.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"gn-0.1807-lp152.2.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64"},"product_reference":"gn-0.1807-lp152.2.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"chromedriver-86.0.4240.75-lp152.2.39.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64"},"product_reference":"chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"chromium-86.0.4240.75-lp152.2.39.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64"},"product_reference":"chromium-86.0.4240.75-lp152.2.39.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"gn-0.1807-lp152.2.3.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"},"product_reference":"gn-0.1807-lp152.2.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"}]},"vulnerabilities":[{"cve":"CVE-2020-15967","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15967"}],"notes":[{"category":"general","text":"Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15967","url":"https://www.suse.com/security/cve/CVE-2020-15967"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15967","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15967"},{"cve":"CVE-2020-15968","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15968"}],"notes":[{"category":"general","text":"Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15968","url":"https://www.suse.com/security/cve/CVE-2020-15968"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15968","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15968"},{"cve":"CVE-2020-15969","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15969"}],"notes":[{"category":"general","text":"Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15969","url":"https://www.suse.com/security/cve/CVE-2020-15969"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15969","url":"https://bugzilla.suse.com/1177408"},{"category":"external","summary":"SUSE Bug 1177872 for CVE-2020-15969","url":"https://bugzilla.suse.com/1177872"},{"category":"external","summary":"SUSE Bug 1177977 for CVE-2020-15969","url":"https://bugzilla.suse.com/1177977"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15969"},{"cve":"CVE-2020-15970","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15970"}],"notes":[{"category":"general","text":"Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15970","url":"https://www.suse.com/security/cve/CVE-2020-15970"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15970","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15970"},{"cve":"CVE-2020-15971","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15971"}],"notes":[{"category":"general","text":"Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15971","url":"https://www.suse.com/security/cve/CVE-2020-15971"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15971","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15971"},{"cve":"CVE-2020-15972","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15972"}],"notes":[{"category":"general","text":"Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15972","url":"https://www.suse.com/security/cve/CVE-2020-15972"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15972","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15972"},{"cve":"CVE-2020-15973","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15973"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15973","url":"https://www.suse.com/security/cve/CVE-2020-15973"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15973","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15973"},{"cve":"CVE-2020-15974","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15974"}],"notes":[{"category":"general","text":"Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15974","url":"https://www.suse.com/security/cve/CVE-2020-15974"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15974","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15974"},{"cve":"CVE-2020-15975","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15975"}],"notes":[{"category":"general","text":"Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15975","url":"https://www.suse.com/security/cve/CVE-2020-15975"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15975","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15975"},{"cve":"CVE-2020-15976","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15976"}],"notes":[{"category":"general","text":"Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15976","url":"https://www.suse.com/security/cve/CVE-2020-15976"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15976","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15976"},{"cve":"CVE-2020-15977","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15977"}],"notes":[{"category":"general","text":"Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15977","url":"https://www.suse.com/security/cve/CVE-2020-15977"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15977","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15977"},{"cve":"CVE-2020-15978","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15978"}],"notes":[{"category":"general","text":"Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15978","url":"https://www.suse.com/security/cve/CVE-2020-15978"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15978","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15978"},{"cve":"CVE-2020-15979","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15979"}],"notes":[{"category":"general","text":"Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15979","url":"https://www.suse.com/security/cve/CVE-2020-15979"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15979","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15979"},{"cve":"CVE-2020-15980","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15980"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15980","url":"https://www.suse.com/security/cve/CVE-2020-15980"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15980","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15980"},{"cve":"CVE-2020-15981","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15981"}],"notes":[{"category":"general","text":"Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15981","url":"https://www.suse.com/security/cve/CVE-2020-15981"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15981","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15981"},{"cve":"CVE-2020-15982","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15982"}],"notes":[{"category":"general","text":"Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15982","url":"https://www.suse.com/security/cve/CVE-2020-15982"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15982","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15982"},{"cve":"CVE-2020-15983","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15983"}],"notes":[{"category":"general","text":"Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15983","url":"https://www.suse.com/security/cve/CVE-2020-15983"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15983","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15983"},{"cve":"CVE-2020-15984","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15984"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15984","url":"https://www.suse.com/security/cve/CVE-2020-15984"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15984","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15984"},{"cve":"CVE-2020-15985","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15985"}],"notes":[{"category":"general","text":"Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15985","url":"https://www.suse.com/security/cve/CVE-2020-15985"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15985","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15985"},{"cve":"CVE-2020-15986","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15986"}],"notes":[{"category":"general","text":"Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15986","url":"https://www.suse.com/security/cve/CVE-2020-15986"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15986","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15986"},{"cve":"CVE-2020-15987","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15987"}],"notes":[{"category":"general","text":"Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15987","url":"https://www.suse.com/security/cve/CVE-2020-15987"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15987","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15987"},{"cve":"CVE-2020-15988","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15988"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15988","url":"https://www.suse.com/security/cve/CVE-2020-15988"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15988","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15988"},{"cve":"CVE-2020-15989","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15989"}],"notes":[{"category":"general","text":"Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15989","url":"https://www.suse.com/security/cve/CVE-2020-15989"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15989","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-15989"},{"cve":"CVE-2020-15990","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15990"}],"notes":[{"category":"general","text":"Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15990","url":"https://www.suse.com/security/cve/CVE-2020-15990"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15990","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15990"},{"cve":"CVE-2020-15991","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15991"}],"notes":[{"category":"general","text":"Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15991","url":"https://www.suse.com/security/cve/CVE-2020-15991"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15991","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15991"},{"cve":"CVE-2020-15992","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-15992"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-15992","url":"https://www.suse.com/security/cve/CVE-2020-15992"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-15992","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"important"}],"title":"CVE-2020-15992"},{"cve":"CVE-2020-6557","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-6557"}],"notes":[{"category":"general","text":"Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-6557","url":"https://www.suse.com/security/cve/CVE-2020-6557"},{"category":"external","summary":"SUSE Bug 1177408 for CVE-2020-6557","url":"https://bugzilla.suse.com/1177408"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["openSUSE Leap 15.1:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.1:gn-0.1807-lp152.2.3.1.x86_64","openSUSE Leap 15.2:chromedriver-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:chromium-86.0.4240.75-lp152.2.39.1.x86_64","openSUSE Leap 15.2:gn-0.1807-lp152.2.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-10-22T05:51:33Z","details":"moderate"}],"title":"CVE-2020-6557"}]}