AVG-1235 log

Package firefox
Status Fixed
Severity High
Type multiple issues
Affected 80.0.1-1
Fixed 81.0-1
Current 93.0-1 [extra]
Ticket None
Created Wed Sep 23 15:04:49 2020
Issue Severity Remote Type Description
CVE-2020-15678 Medium No Denial of service
A use-after-free issue has been found in Firefox before 81.0 where, when recursing through graphical layers while scrolling, an iterator may have become...
CVE-2020-15677 Medium Yes Content spoofing
An issue has been found in Firefox before 81.0 where, by exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site...
CVE-2020-15676 Medium No Cross-site scripting
Firefox before 81.0 sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after...
CVE-2020-15675 High Yes Arbitrary code execution
A use-after-free issue has been found in the WebGL implementation of Firefox before 81.0 where, when processing surfaces, the lifetime may outlive a...
CVE-2020-15674 High Yes Arbitrary code execution
Several memory safety issues have been found in Firefox before 81.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with...
CVE-2020-15673 High Yes Arbitrary code execution
Several memory safety issues have been found in Firefox before 81.0 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and...
Date Advisory Package Type
23 Sep 2020 ASA-202009-10 firefox multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-42