Home

CVE-2020-16012

Description

Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
4.946

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Microsoft Edge for chromium business (x64) (87.0.664.41)Windows
Multiple vulnerabilities fixed in Microsoft Edge for chromium business (87.0.664.41)Windows
Multiple vulnerabilities affected in Google Chrome (x64) 87.0.4280.65Windows
Multiple Vulnerabilities are affected in Mozilla Firefox 82.0Windows
Vulnerabilities CVE-2020-16012 are affected in Mozilla Firefox (x64) 82.9Windows
Vulnerabilities CVE-2020-16012 are affected in Mozilla_Firefox 82.9Windows
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (83.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (78.5.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (78.5.1)Mac
Multiple vulnerabilities are fixed in Google Chrome For Mac (87.0.4280.66)Mac
Multiple vulnerabilities are fixed in Google Chrome For Mac (87.0.4280.67)Mac
Vulnerabilities CVE-2020-16012 are affected in Mozilla Firefox for Mac 82.9Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac 78.5Mac
firefox-esr security update(DSA-4793-1) firefox-esr_78.5.0esr-1~deb10u1_i386.debLinux
firefox-esr security update(DSA-4793-1) firefox-esr_78.5.0esr-1~deb10u1_amd64.debLinux
Mozilla Open Source web browser (USN-4637-1) firefox_83.0+build2-0ubuntu0.18.04.2_i386.debLinux
Mozilla Open Source web browser (USN-4637-1) firefox_83.0+build2-0ubuntu0.18.04.2_amd64.debLinux
Mozilla Open Source web browser (USN-4637-1) firefox_83.0+build2-0ubuntu0.20.04.1_amd64.debLinux
Mozilla Open Source web browser (USN-4637-1) firefox_83.0+build2-0ubuntu0.20.10.1_amd64.debLinux
Mozilla Open Source web browser (USN-4637-2) firefox_83.0+build2-0ubuntu0.16.04.3_i386.debLinux
Mozilla Open Source web browser (USN-4637-2) firefox_83.0+build2-0ubuntu0.16.04.3_amd64.debLinux
thunderbird security update(DSA-4796-1) thunderbird_78.5.0-1~deb10u1_i386.debLinux
thunderbird security update(DSA-4796-1) thunderbird_78.5.0-1~deb10u1_amd64.debLinux
Mozilla Open Source mail and newsgroup client (USN-4647-1) thunderbird_78.5.0+build3-0ubuntu0.20.10.1_amd64.debLinux
SUSE-SU-2020:3548-1(SUSE Linux Enterprise Server 12-SP5 ) MozillaFirefox-78.5.0-112.36.1.x86_64.rpmLinux
SUSE-SU-2020:3548-1(SUSE Linux Enterprise Server 12-SP5 ) MozillaFirefox-debuginfo-78.5.0-112.36.1.x86_64.rpmLinux
SUSE-SU-2020:3548-1(SUSE Linux Enterprise Server 12-SP5 ) MozillaFirefox-debugsource-78.5.0-112.36.1.x86_64.rpmLinux
SUSE-SU-2020:3548-1(SUSE Linux Enterprise Server 12-SP5 ) MozillaFirefox-devel-78.5.0-112.36.1.x86_64.rpmLinux
SUSE-SU-2020:3548-1(SUSE Linux Enterprise Server 12-SP5 ) MozillaFirefox-translations-common-78.5.0-112.36.1.x86_64.rpmLinux
(RHSA-2020:5235) thunderbird security update thunderbird-78.5.0-1.el7_9.x86_64.rpmLinux
(RHSA-2020:5236) thunderbird security update thunderbird-78.5.0-1.el8_3.x86_64.rpmLinux
(RHSA-2020:5236) thunderbird security update thunderbird-debugsource-78.5.0-1.el8_3.x86_64.rpmLinux
(RHSA-2020:5237) firefox security update firefox-78.5.0-1.el8_3.x86_64.rpmLinux
(RHSA-2020:5237) firefox security update firefox-debugsource-78.5.0-1.el8_3.x86_64.rpmLinux
(RHSA-2020:5238) thunderbird security update thunderbird-78.5.0-1.el6_10.i686.rpmLinux
(RHSA-2020:5238) thunderbird security update thunderbird-78.5.0-1.el6_10.x86_64.rpmLinux
(RHSA-2020:5239) firefox security update firefox-78.5.0-1.el7_9.i686.rpmLinux
(RHSA-2020:5239) firefox security update firefox-78.5.0-1.el7_9.x86_64.rpmLinux
(RHSA-2020:5257) firefox security update firefox-78.5.0-1.el6_10.i686.rpmLinux
(RHSA-2020:5257) firefox security update firefox-78.5.0-1.el6_10.x86_64.rpmLinux
chromium security update(DSA-4824-1) chromium_87.0.4280.88-0.4~deb10u1_i386.debLinux
chromium security update(DSA-4824-1) chromium_87.0.4280.88-0.4~deb10u1_amd64.debLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-109332Microsoft Edge for chromium business (99.0.1150.30) (x64)
PATCH-109333Microsoft Edge for chromium business (99.0.1150.30) (x86)
PATCH-343228Google Chrome (x64) (131.0.6778.85, 131.0.6778.86)
PATCH-343015Mozilla Firefox (132.0.2)
PATCH-334458Mozilla Firefox (x64) (120.0)
PATCH-334457Mozilla Firefox (120.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-609673Google Chrome for Mac (132.0.6834.83, 132.0.6834.84)
PATCH-609673Google Chrome for Mac (132.0.6834.83, 132.0.6834.84)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-612783Mozilla Firefox For Mac (145.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234