CVE-2020-6424: 
Node.js vulnerability analysis and mitigation

CVE-2020-6424 is a use-after-free vulnerability discovered in the media component of Google Chrome versions prior to 80.0.3987.149. The vulnerability was discovered by Sergei Glazunov of Google Project Zero on December 5, 2019, and was publicly disclosed on March 18, 2020 (Chrome Release).

The vulnerability is classified as a use-after-free issue in the media component of Chrome. It has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability could allow a remote attacker to potentially exploit heap corruption through a specially crafted HTML page (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code with the privileges of the process or cause a Denial of Service condition. The high CVSS score indicates that the vulnerability could lead to significant compromise of confidentiality, integrity, and availability of the affected system (Gentoo Security).

The vulnerability was patched in Chrome version 80.0.3987.149. Users and administrators are advised to upgrade to this version or later. Multiple Linux distributions have also released security updates to address this vulnerability, including Debian, Fedora, and openSUSE (Debian Security, Fedora Update).