CVE-2020-6411: 
Google Chrome vulnerability analysis and mitigation

CVE-2020-6411 is a security vulnerability discovered in Google Chrome's Omnibox (address bar) prior to version 80.0.3987.87. The vulnerability was reported by Khalil Zhani on February 7, 2019, and was publicly disclosed in February 2020. This vulnerability affects Google Chrome and Chromium-based browsers (Chrome Release, NVD).

The vulnerability is characterized by insufficient validation of untrusted input in the Omnibox component of Chrome, which could allow an attacker to perform domain spoofing via IDN homographs through a crafted domain name. The vulnerability has been assigned a CVSS v3.1 base score of 5.4 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N (NVD).

The vulnerability could allow a remote attacker to perform domain spoofing attacks using IDN homographs, potentially leading to phishing attacks by deceiving users about the actual website they are visiting. This could result in information disclosure and potential credential theft (Debian Security).

The vulnerability was fixed in Chrome version 80.0.3987.87. Users and organizations are advised to upgrade to this version or later. Multiple Linux distributions have also released security updates to address this vulnerability, including Debian (80.0.3987.132-1~deb10u1), Fedora, and Gentoo (Debian Security, Gentoo Security).