Description
Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Remediation
References
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html
https://crbug.com/1064891
https://security.gentoo.org/glsa/202005-13
https://www.debian.org/security/2020/dsa-4714
Related Vulnerabilities
CVE-2023-26471 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rendering-async-api
CVE-2022-36096 Vulnerability in maven package org.xwiki.platform:xwiki-platform-index-ui
CVE-2018-1999007 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2021-34435 Vulnerability in npm package @theia/mini-browser
CVE-2022-0219 Vulnerability in maven package io.github.skylot:jadx-core