VulnerableCode Package Details - pkg:rpm/redhat/chromium-browser@83.0.4103.106-1?arch=el6

Search for packages

Vulnerability	Summary	Fixed by
VCID-ah3t-syrj-nkdf Aliases: CVE-2020-6507	Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.	There are no reported fixed by versions.
VCID-ucwp-bcjt-q7f4 Aliases: CVE-2020-6505	Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.	There are no reported fixed by versions.
VCID-zv9w-wnfw-5ue5 Aliases: CVE-2020-6506 GHSA-36j3-xxf7-4pqg	Android WebView Universal Cross-site Scripting A universal cross-site scripting (UXSS) vulnerability, CVE-2020-6506 (https://crbug.com/1083819), has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native apps which use a `react-native-webview` that allows navigation to arbitrary URLs, and when that app runs on systems with an Android WebView version prior to 83.0.4103.106. ## Pending mitigation Ensure users update their Android WebView system component via the Google Play Store to 83.0.4103.106 or higher to avoid this UXSS. 'react-native-webview' is working on a mitigation but it could take some time. ### References https://alesandroortiz.com/articles/uxss-android-webview-cve-2020-6506/	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-ah3t-syrj-nkdf
Aliases:
CVE-2020-6507

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.

There are no reported fixed by versions.

VCID-ucwp-bcjt-q7f4
Aliases:
CVE-2020-6505

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.

There are no reported fixed by versions.

VCID-zv9w-wnfw-5ue5
Aliases:
CVE-2020-6506
GHSA-36j3-xxf7-4pqg

Android WebView Universal Cross-site Scripting A universal cross-site scripting (UXSS) vulnerability, CVE-2020-6506 (https://crbug.com/1083819), has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native apps which use a `react-native-webview` that allows navigation to arbitrary URLs, and when that app runs on systems with an Android WebView version prior to 83.0.4103.106. ## Pending mitigation Ensure users update their Android WebView system component via the Google Play Store to 83.0.4103.106 or higher to avoid this UXSS. 'react-native-webview' is working on a mitigation but it could take some time. ### References https://alesandroortiz.com/articles/uxss-android-webview-cve-2020-6506/

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:06:09.511244+00:00	RedHat Importer	Affected by	VCID-ah3t-syrj-nkdf	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6507.json	38.0.0
2026-04-01T14:06:09.483849+00:00	RedHat Importer	Affected by	VCID-zv9w-wnfw-5ue5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6506.json	38.0.0
2026-04-01T14:06:09.458736+00:00	RedHat Importer	Affected by	VCID-ucwp-bcjt-q7f4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6505.json	38.0.0