CVE-2020-6437: 
Google Chrome vulnerability analysis and mitigation

CVE-2020-6437 is a security vulnerability discovered in Google Chrome's WebView component prior to version 81.0.4044.92. The vulnerability was identified as an inappropriate implementation in WebView that allowed a remote attacker to spoof security UI via a crafted application. The issue was initially reported by Jann Horn on August 19, 2016, and was publicly disclosed in April 2020 (NVD).

The vulnerability is classified as a Low severity issue with a CVSS v3.1 Base Score of 4.3 (MEDIUM). The vulnerability vector string is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N, indicating that it is network exploitable, requires low attack complexity, needs no privileges, but does require user interaction. The vulnerability affects the security UI implementation in Chrome's WebView component (NVD).

The vulnerability could allow an attacker to spoof security UI elements through a crafted application, potentially misleading users about the security status or origin of web content. This could lead to users being deceived about the authenticity or security of websites they visit (NVD).

Google addressed this vulnerability in Chrome version 81.0.4044.92. Users and organizations are advised to update to this version or later to mitigate the risk. The fix was also backported to various Linux distributions including Debian, Fedora, and OpenSUSE (Debian Security, Fedora Update).