AVG-1256 log

Package firefox
Status Fixed
Severity Critical
Type multiple issues
Affected 81.0.2-1
Fixed 82.0-1
Current 92.0-2 [extra]
Ticket None
Created Wed Oct 28 22:13:37 2020
Issue Severity Remote Type Description
CVE-2020-15969 High Yes Arbitrary code execution
A use after free security issue has been found in the WebRTC component of the chromium browser before 86.0.4240.75 and of Firefox before 82.0.
CVE-2020-15684 High Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 82.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with...
CVE-2020-15683 High Yes Arbitrary code execution
Several memory safety bugs have been found in Firefox before 82.0 and Firefox ESR before 78.4. Some of these bugs showed evidence of memory corruption and...
CVE-2020-15682 Low Yes Content spoofing
A spoofing issue has been found in Firefox before 82.0 where, when a link to an external protocol was clicked, a prompt was presented that allowed the user...
CVE-2020-15681 Medium Yes Arbitrary code execution
A memory corruption issue has been found in Firefox before 82.0 where, when multiple WASM threads had a reference to a module, and were looking up exported...
CVE-2020-15680 Medium Yes Information disclosure
An information disclosure issue has been found in Firefox before 82.0 where if a valid external protocol handler was referenced in an image tag, the...
CVE-2020-15254 Critical Yes Arbitrary code execution
An undefined behaviour leading to memory corruption issues has been found in the crossbeam rust crate <= 0.4.3. The "bounded" channel incorrectly assumes...
Date Advisory Package Type
02 Nov 2020 ASA-202011-1 firefox multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/