| CVE-2020-15659 |
High |
Yes |
Arbitrary code execution |
Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of... |
| CVE-2020-15658 |
Low |
Yes |
Content spoofing |
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an... |
| CVE-2020-15656 |
High |
Yes |
Denial of service |
JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the... |
| CVE-2020-15655 |
High |
Yes |
Information disclosure |
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of... |
| CVE-2020-15654 |
Low |
Yes |
Denial of service |
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they... |
| CVE-2020-15653 |
Medium |
Yes |
Authentication bypass |
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites... |
| CVE-2020-15652 |
High |
Yes |
Information disclosure |
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to... |
| CVE-2020-6514 |
High |
Yes |
Arbitrary code execution |
Inappropriate implementation in WebRTC. |
| CVE-2020-6463 |
High |
Yes |
Arbitrary code execution |
Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |