We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
A memory corruption bug(Heap overflow) in the FreeType font rendering library.
This can be exploited by attackers to execute arbitrary code by using specially crafted fonts with embedded PNG images .
As per https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/
Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild.
Upgrade to 85.3.130 or higher
To review the CEF/Chromium patch see https://bitbucket.org/chromiumembedded/cef/commits/cd6cbe008b127990036945fb75e7c2c1594ab10d
CEF/Chromium
Impact
A memory corruption bug(Heap overflow) in the FreeType font rendering library.
As per https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/
Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild.
Patches
Upgrade to 85.3.130 or higher
References
To review the
CEF/Chromiumpatch see https://bitbucket.org/chromiumembedded/cef/commits/cd6cbe008b127990036945fb75e7c2c1594ab10d