CVE-2020-6528

CVE-2020-6528

Name

CVE-2020-6528

Description

Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Release Notes	https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html
Permissions Required	https://crbug.com/1063690
Mailing List	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html
Third Party Advisory	https://security.gentoo.org/glsa/202007-08
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG/
Mailing List	http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html
Mailing List	http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html
Mailing List	http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html
Third Party Advisory	https://www.debian.org/security/2021/dsa-4824

Type

URI

Release Notes

https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html

Permissions Required

https://crbug.com/1063690

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html

Third Party Advisory

https://security.gentoo.org/glsa/202007-08

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/