What is the severity of CVE-2020-6447?

CVE-2020-6447 has a medium severity rating due to its potential for heap corruption exploitation.

How do I fix CVE-2020-6447?

To fix CVE-2020-6447, update Google Chrome to version 81.0.4044.92 or later.

Which versions of Google Chrome are affected by CVE-2020-6447?

Google Chrome versions prior to 81.0.4044.92 are affected by CVE-2020-6447.

Is CVE-2020-6447 specific to certain operating systems?

CVE-2020-6447 affects Google Chrome on multiple operating systems including Debian and Fedora.

What kind of attack does CVE-2020-6447 enable?

CVE-2020-6447 allows remote attackers to exploit heap corruption through a crafted HTML page when a user accesses developer tools.

Vulnerability/
CVE-2020-6447

high

8.8

CWE

125 787

13/4/2020

4/8/2024

CVE-2020-6447

First published: Mon Apr 13 2020(Updated: )

Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page.

Credit: chrome-cve-admin@google.com

Affected Software	Affected Version	How to fix
debian/chromium		90.0.4430.212-1~deb10u1 116.0.5845.180-1~deb11u1 120.0.6099.129-1~deb11u1 119.0.6045.199-1~deb12u1 120.0.6099.129-1~deb12u1 120.0.6099.129-1
Google Chrome	<81.0.4044.92
Debian	=9.0
Debian	=10.0
Fedora	=30
Fedora	=31
Fedora	=32
openSUSE Backports	=15.0-sp1
openSUSE	=15.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-6447?
CVE-2020-6447 has a medium severity rating due to its potential for heap corruption exploitation.
How do I fix CVE-2020-6447?
To fix CVE-2020-6447, update Google Chrome to version 81.0.4044.92 or later.
Which versions of Google Chrome are affected by CVE-2020-6447?
Google Chrome versions prior to 81.0.4044.92 are affected by CVE-2020-6447.
Is CVE-2020-6447 specific to certain operating systems?
CVE-2020-6447 affects Google Chrome on multiple operating systems including Debian and Fedora.
What kind of attack does CVE-2020-6447 enable?
CVE-2020-6447 allows remote attackers to exploit heap corruption through a crafted HTML page when a user accesses developer tools.

collector/security-tracker-debian
agent/weakness
agent/type
agent/author
agent/severity
collector/mitre-cve
source/MITRE
agent/references
agent/last-modified-date
agent/event
agent/description
agent/first-publish-date
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/debian
vendor/google
canonical/google chrome
vendor/debian
canonical/debian
version/debian/9.0
version/debian/10.0
vendor/fedoraproject
canonical/fedora
version/fedora/30
version/fedora/31
version/fedora/32
vendor/opensuse
canonical/opensuse backports
version/opensuse backports/15.0-sp1
canonical/opensuse
version/opensuse/15.1