CVE-2020-15994: Use after free in V8

Q: What is the severity of CVE-2020-15994?

CVE-2020-15994 has a high severity rating due to its potential for remote exploitation and heap corruption.

Q: How do I fix CVE-2020-15994?

To fix CVE-2020-15994, update Google Chrome to version 86.0.4240.99 or higher.

Q: What does CVE-2020-15994 affect?

CVE-2020-15994 affects Google Chrome versions prior to 86.0.4240.99.

Q: Is CVE-2020-15994 a risk for users of Google Android?

No, CVE-2020-15994 does not affect Google Android operating systems.

Q: Can CVE-2020-15994 be exploited through web pages?

Yes, CVE-2020-15994 can be exploited by attackers through crafted HTML pages.

Published Aug 17, 2020

Updated

Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Credit

Johnathan Norman Microsoft Browser Vulnerability Research

Affected Software

4 affected componentsFixes available

All of the following

Google Chrome<86.0.4240.99

86.0.4240.99

Google Android*

Google Chrome<86.0.4240.99

Google Android

Event History

Aug 17, 2020

CVE Published

12:00 AM

Nov 3, 2020

CVE Published

via MITRE·02:21 AM

Data Sourced

via MITRE·02:21 AM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

2509954079155194578

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the severity of CVE-2020-15994?

CVE-2020-15994 has a high severity rating due to its potential for remote exploitation and heap corruption.

How do I fix CVE-2020-15994?

To fix CVE-2020-15994, update Google Chrome to version 86.0.4240.99 or higher.

What does CVE-2020-15994 affect?