CVE-2020-6452: 
Node.js vulnerability analysis and mitigation

A heap buffer overflow vulnerability (CVE-2020-6452) was discovered in the media component of Google Chrome versions prior to 80.0.3987.162. The vulnerability was disclosed and patched in March 2020, affecting all Chrome versions before the security update (Chrome Release). This security flaw could allow a remote attacker to potentially exploit heap corruption through a specially crafted HTML page (NVD).

The vulnerability is classified as a heap buffer overflow (CWE-787: Out-of-bounds Write) in Chrome's media component. It received a CVSS v3.1 base score of 8.8 (HIGH), with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, no privileges required, and user interaction required for exploitation (NVD).

The vulnerability could potentially lead to heap corruption, which might allow attackers to execute arbitrary code or cause program crashes. Given the CVSS score of 8.8, the impact is considered high, potentially affecting confidentiality, integrity, and availability of the system (NVD).

Google released version 80.0.3987.162 of Chrome to address this vulnerability. Users and administrators are advised to update to this version or later. The fix was also backported to various Linux distributions including Fedora 30 and 31, and OpenSUSE (Fedora Update).