CVE-2020-6499: Insufficient policy enforcement in AppCache.

Reference Links

• https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html (Advisory)
• https://crbug.com/999001

Parent vulnerabilities

(Appears in the following advisories)

• 8579594118646068818

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2020-6381
• CVE-2020-6382
• CVE-2019-18197
• CVE-2019-19926
• CVE-2020-6385
• CVE-2019-19880
• CVE-2019-19925
• CVE-2020-6387
• CVE-2020-6388
• CVE-2020-6389
• CVE-2020-6390
• CVE-2020-6391
• CVE-2020-6392
• CVE-2020-6393
• CVE-2020-6394
• CVE-2020-6395
• CVE-2020-6396
• CVE-2020-6397
• CVE-2020-6398
• CVE-2020-6399
• CVE-2020-6500
• CVE-2020-6400
• CVE-2020-6401
• CVE-2020-6402
• CVE-2020-6501
• CVE-2020-6403
• CVE-2020-6404
• CVE-2020-6405
• CVE-2020-6406
• CVE-2019-19923
• CVE-2020-6408
• CVE-2020-6409
• CVE-2020-6410
• CVE-2020-6411
• CVE-2020-6502
• CVE-2020-6412
• CVE-2020-6413
• CVE-2020-6414
• CVE-2020-6415
• CVE-2020-6416
• CVE-2020-6417

Frequently Asked Questions

• What is the severity of CVE-2020-6499?

  CVE-2020-6499 has been classified as high severity due to its potential to allow remote attackers to bypass security restrictions.

• How do I fix CVE-2020-6499?

  To fix CVE-2020-6499, users should update Google Chrome to version 80.0.3987.87 or later.

• What type of vulnerability is CVE-2020-6499?

  CVE-2020-6499 is an inappropriate implementation vulnerability in the AppCache feature of Google Chrome.

• Who is affected by CVE-2020-6499?

  Users of Google Chrome versions prior to 80.0.3987.87 are affected by CVE-2020-6499.

• What can attackers achieve with CVE-2020-6499?

  Attackers can bypass AppCache security restrictions and potentially execute malicious content through a crafted HTML page.