Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2cXYtNzc5ci00amdw
Use after free in CefSharp
CVE-2020-16017: Use after free in site isolation
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017
Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.
There is currently little to no public information on the issue other than it has been flagged as High severity.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2cXYtNzc5ci00amdw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 3 years ago
Updated: about 1 year ago
Identifiers: GHSA-gvqv-779r-4jgp, CVE-2020-16017
References:
- https://github.com/cefsharp/CefSharp/security/advisories/GHSA-gvqv-779r-4jgp
- https://nvd.nist.gov/vuln/detail/CVE-2020-16017
- https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
- https://crbug.com/1146709
- https://github.com/advisories/GHSA-gvqv-779r-4jgp
Blast Radius: 1.0
Affected Packages
nuget:CefSharp.Wpf.HwndHost
Dependent packages: 0Dependent repositories: 0
Downloads: 50,476 total
Affected Version Ranges: < 86.0.241
Fixed in: 86.0.241
All affected versions: 84.4.10, 85.3.121, 85.3.130
All unaffected versions: 86.0.241, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.260, 93.1.140, 94.4.50, 94.4.110, 95.7.141, 96.0.170, 96.0.180, 97.1.11, 97.1.61, 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 101.0.150, 101.0.180, 102.0.90, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.150, 116.0.230, 117.2.20, 118.6.80, 119.1.20, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 123.0.60
nuget:CefSharp.WinForms
Dependent packages: 0Dependent repositories: 0
Downloads: 3,082,168 total
Affected Version Ranges: < 86.0.241
Fixed in: 86.0.241
All affected versions: 1.25.3, 33.0.0, 33.0.2, 37.0.0, 37.0.1, 37.0.3, 39.0.0, 39.0.1, 39.0.2, 41.0.0, 41.0.1, 43.0.0, 43.0.1, 45.0.0, 47.0.0, 47.0.1, 47.0.2, 47.0.3, 47.0.4, 49.0.0, 49.0.1, 51.0.0, 53.0.0, 53.0.1, 55.0.0, 57.0.0, 63.0.0, 63.0.1, 63.0.2, 63.0.3, 65.0.0, 65.0.1, 67.0.0, 69.0.0, 71.0.0, 71.0.1, 71.0.2, 73.1.130, 75.1.141, 75.1.142, 75.1.143, 79.1.350, 79.1.360, 81.3.100, 83.4.20, 84.4.10, 85.3.121, 85.3.130
All unaffected versions: 86.0.241, 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190, 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60
nuget:CefSharp.Wpf
Dependent packages: 0Dependent repositories: 0
Downloads: 3,278,495 total
Affected Version Ranges: < 86.0.241
Fixed in: 86.0.241
All affected versions: 1.25.3, 1.25.4, 1.25.5, 1.25.6, 1.25.7, 1.25.8, 33.0.0, 33.0.2, 37.0.0, 37.0.1, 37.0.3, 39.0.0, 39.0.1, 39.0.2, 41.0.0, 41.0.1, 43.0.0, 43.0.1, 45.0.0, 47.0.0, 47.0.1, 47.0.2, 47.0.3, 47.0.4, 49.0.0, 49.0.1, 51.0.0, 53.0.0, 53.0.1, 55.0.0, 57.0.0, 63.0.0, 63.0.1, 63.0.2, 63.0.3, 65.0.0, 65.0.1, 67.0.0, 69.0.0, 71.0.0, 71.0.1, 71.0.2, 73.1.130, 75.1.141, 75.1.142, 75.1.143, 79.1.350, 79.1.360, 81.3.100, 83.4.20, 84.4.10, 85.3.121, 85.3.130
All unaffected versions: 86.0.241, 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190, 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60
nuget:CefSharp.Common
Dependent packages: 0Dependent repositories: 0
Downloads: 6,765,583 total
Affected Version Ranges: < 86.0.241
Fixed in: 86.0.241
All affected versions: 33.0.0, 33.0.2, 37.0.0, 37.0.1, 37.0.2, 37.0.3, 39.0.0, 39.0.1, 39.0.2, 41.0.0, 41.0.1, 43.0.0, 43.0.1, 45.0.0, 47.0.0, 47.0.1, 47.0.2, 47.0.3, 47.0.4, 49.0.0, 49.0.1, 51.0.0, 53.0.0, 53.0.1, 55.0.0, 57.0.0, 63.0.0, 63.0.1, 63.0.2, 63.0.3, 65.0.0, 65.0.1, 67.0.0, 69.0.0, 71.0.0, 71.0.1, 71.0.2, 73.1.130, 75.1.141, 75.1.142, 75.1.143, 79.1.350, 79.1.360, 81.3.100, 83.4.20, 84.4.10, 85.3.121, 85.3.130
All unaffected versions: 86.0.241, 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190, 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60