[GLSA-202004-07] Mozilla Firefox: Multiple vulnerabilities
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
Background
Mozilla Firefox is a popular open-source web browser from the Mozilla
Project.
Description
Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to view a specially crafted web
page, possibly resulting in the execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Mozilla Firefox ESR users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-68.6.1"
Package | Affected Version |
---|---|
pkg:ebuild/www-client/firefox?distro=gentoo | < 68.6.1 |
Package | Unaffected Version |
---|---|
pkg:ebuild/www-client/firefox?distro=gentoo | >= 68.6.1 |
- ID
- GLSA-202004-07
- Severity
- normal
- URL
- https://security.gentoo.org/glsa/202004-07
- Published
-
2020-04-04T00:00:00
(4 years ago) - Modified
-
2020-04-17T00:00:00
(4 years ago) - Rights
- Gentoo Foundation, Inc.
- Other Advisories
-
- ALAS2-2020-1429
- ALPINE:CVE-2020-6819
- ALPINE:CVE-2020-6820
- ASA-202004-12
- ASA-202004-6
- CISA-2021:1103
- DSA-4653-1
- DSA-4656-1
- ELSA-2020-1338
- ELSA-2020-1339
- ELSA-2020-1341
- ELSA-2020-1488
- ELSA-2020-1489
- ELSA-2020-1495
- MFSA-2020-11
- MFSA-2020-14
- openSUSE-SU-2020:0461-1
- openSUSE-SU-2020:0520-1
- openSUSE-SU-2020:0544-1
- RHSA-2020:1338
- RHSA-2020:1339
- RHSA-2020:1341
- RHSA-2020:1488
- RHSA-2020:1489
- RHSA-2020:1495
- SSA:2020-094-01
- SUSE-SU-2020:0928-1
- SUSE-SU-2020:0929-1
- SUSE-SU-2020:1027-1
- USN-4317-1
- USN-4328-1
- USN-4335-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2020-6819 | CVE-2020-6819 | https://nvd.nist.gov/vuln/detail/CVE-2020-6819 |
CVE | CVE-2020-6820 | CVE-2020-6820 | https://nvd.nist.gov/vuln/detail/CVE-2020-6820 |
Vendor | MFSA-2020-11 | https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ | |
Bugzilla | 716098 | Bugzilla #716098 | https://bugs.gentoo.org/show_bug.cgi?id=716098 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |