CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26973 – Mozilla: CSS Sanitizer performed incorrect sanitization
https://notcve.org/view.php?id=CVE-2020-26973
Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Determinadas entradas hacia el CSS Sanitizer lo confundieron, resultando en una eliminación de componentes incorrectos. Esto podría haber sido usado como una omisión de saneo. • https://bugzilla.mozilla.org/show_bug.cgi?id=1680084 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26973 https://bugzilla.redhat.com/show_bug.cgi?id=1908023 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26971 – Mozilla: Heap buffer overflow in WebGL
https://notcve.org/view.php?id=CVE-2020-26971
Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Determinados valores de blit proporcionados por el usuario no se restringieron apropiadamente, conllevando a un desbordamiento del búfer de pila en algunos controladores de video. Esta vulnerabilidad afecta a Firefox versiones anteriores a 84, Thunderbird versiones anteriores a 78,6 y Firefox ESR versiones anteriores a 78,6 The Mozilla Foundation Security Advisory describes this flaw as: Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. • https://bugzilla.mozilla.org/show_bug.cgi?id=1663466 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26971 https://bugzilla.redhat.com/show_bug.cgi?id=1908022 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26974 – Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
https://notcve.org/view.php?id=CVE-2020-26974
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Cuando flex-basis fue usada en un contenedor de tabla, un objeto StyleGenericFlexBasis podría haberse convertido incorrectamente en el tipo equivocado. Esto resultó en uso de la memoria previamente liberada de la pila, una corrupción de la memoria y un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1681022 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26974 https://bugzilla.redhat.com/show_bug.cgi?id=1908024 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-26978 – Mozilla: Internal network hosts could have been probed by a malicious webpage
https://notcve.org/view.php?id=CVE-2020-26978
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Usando técnicas que se basaron en la investigación de slipstream, una página web maliciosa podría haber expuesto tanto los hosts de una red interna como los servicios que se ejecutan en la máquina local del usuario. Esta vulnerabilidad afecta a Firefox versiones anteriores a 84, Thunderbird versiones anteriores a 78,6 y Firefox ESR versiones anteriores a 78,6 The Mozilla Foundation Security Advisory describes this flaw as: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. • https://bugzilla.mozilla.org/show_bug.cgi?id=1677047 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-26978 https://bugzilla.redhat.com/show_bug.cgi?id=1908025 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-35111 – Mozilla: The proxy.onRequest API did not catch view-source URLs
https://notcve.org/view.php?id=CVE-2020-35111
When an extension with the proxy permission registered to receive <all_urls>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Cuando una extensión con el permiso de proxy se registró para recibir (all_urls), la devolución de llamada proxy.onRequest no se desencadenó para las URL de vista de origen. Si bien el contenido web no puede navegar a dichas URL, un usuario que abra View Source podría haber filtrado inadvertidamente su dirección IP. • https://bugzilla.mozilla.org/show_bug.cgi?id=1657916 https://www.mozilla.org/security/advisories/mfsa2020-54 https://www.mozilla.org/security/advisories/mfsa2020-55 https://www.mozilla.org/security/advisories/mfsa2020-56 https://access.redhat.com/security/cve/CVE-2020-35111 https://bugzilla.redhat.com/show_bug.cgi?id=1908027 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •