1. Home
  2. Security Advisories
  3. Gentoo
  4. GLSA-202004-07

[GLSA-202004-07] Mozilla Firefox: Multiple vulnerabilities

Severity Normal
Affected Packages 1
Unaffected Packages 1
CVEs 2
Info Packages References Vulnerabilities

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.

Background
Mozilla Firefox is a popular open-source web browser from the Mozilla
Project.

Description
Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
review the CVE identifiers referenced below for details.

Impact
A remote attacker could entice a user to view a specially crafted web
page, possibly resulting in the execution of arbitrary code with the
privileges of the process or a Denial of Service condition.

Workaround
There is no known workaround at this time.

Resolution
All Mozilla Firefox ESR users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-68.6.1"

Package Affected Version
pkg:ebuild/www-client/firefox?distro=gentoo < 68.6.1
Package Unaffected Version
pkg:ebuild/www-client/firefox?distro=gentoo >= 68.6.1
ID
GLSA-202004-07
Severity
normal
URL
https://security.gentoo.org/glsa/202004-07
Published
2020-04-04T00:00:00
(4 years ago)
Modified
2020-04-17T00:00:00
(4 years ago)
Rights
Gentoo Foundation, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:ebuild/www-client/firefox?distro=gentoo www-client firefox < 68.6.1 gentoo
Unaffected pkg:ebuild/www-client/firefox?distro=gentoo www-client firefox >= 68.6.1 gentoo
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date