CVE-2020-15982: channel information leakage in cache

Q: What is CVE-2020-15982?

CVE-2020-15982 is a vulnerability in Google Chrome that allowed a remote attacker to obtain potentially sensitive information.

Q: What is the severity of CVE-2020-15982?

The severity of CVE-2020-15982 is medium (6.5).

Q: Which versions of Google Chrome are affected by CVE-2020-15982?

Google Chrome versions prior to 86.0.4240.75 are affected by CVE-2020-15982.

Q: How can I fix CVE-2020-15982?

To fix CVE-2020-15982, update Google Chrome to version 86.0.4240.75 or later.

Q: Are there any references for CVE-2020-15982?

Yes, for more information about CVE-2020-15982, you can refer to the following sources: [1] [2] [3].

Published Jan 7, 2020

Updated

Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Credit

Luan Herrera@@lbherrera_

Affected Software

8 affected componentsFixes available

debian/chromium

90.0.4430.212-1~deb10u1116.0.5845.180-1~deb11u1120.0.6099.129-1~deb11u1119.0.6045.199-1~deb12u1120.0.6099.129-1~deb12u1120.0.6099.129-1

Google Chrome<86.0.4240.75

86.0.4240.75

Google Chrome<86.0.4240.75

Fedoraproject Fedora=31

Fedoraproject Fedora=32

Fedoraproject Fedora=33

Debian Debian Linux=10.0

openSUSE Backports SLE=15.0-sp2

Event History

Jan 7, 2020

CVE Published

12:00 AM

Nov 3, 2020

CVE Published

via MITRE·02:21 AM

Data Sourced

via MITRE·02:21 AM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

7211503174014671839

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2020-15982?

CVE-2020-15982 is a vulnerability in Google Chrome that allowed a remote attacker to obtain potentially sensitive information.

What is the severity of CVE-2020-15982?

The severity of CVE-2020-15982 is medium (6.5).

Which versions of Google Chrome are affected by CVE-2020-15982?