« List of all CVEs

CVE-2020-15999

Published: 11/3/2020 Last updated: 10/21/2025 Reserved: 7/27/2020

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CNA assigner: Chrome (ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28) Requested by: n/a

Metrics

Version Score Severity Vector String
3.1 9.6 Critical CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Opam packages affected (4)

conf-freetype conf-gd conf-mingw-w64-freetype-i686 conf-mingw-w64-freetype-x86_64

Products affected (2)

Product Vendor Version
Chrome Google unspecified
Chrome Google 11.3.7SR2

References (43)