CVE-2020-16040

Medium

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption…

Chrome·CWE-20·Published 2021-01-08

CVSS

6.5

EPSS

1.00

KEV

Exploits

cve.orgen

163 chars

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

NVDen

163 chars

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

NVDes

216 chars

Una comprobación insuficiente de datos en V8 en Google Chrome versiones anteriores a 87.0.4280.88, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H