vulnerability
Oracle Linux: CVE-2020-12417: ELSA-2020-2827: firefox security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Jun 30, 2020 | Jul 9, 2020 | Dec 3, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Jun 30, 2020
Added
Jul 9, 2020
Modified
Dec 3, 2025
Description
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
The Mozilla Foundation Security Advisory describes this flaw as:
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash.
The Mozilla Foundation Security Advisory describes this flaw as:
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash.
Solutions
oracle-linux-upgrade-firefoxoracle-linux-upgrade-thunderbird
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.