Mozilla » Firefox Esr : Security Vulnerabilities, CVEs, Published In 2020 (Overflow) CVSS score >= 8

CVE-2020-6831

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
Max CVSS
9.8
EPSS Score
1.36%
Published
2020-05-26
Updated
2021-07-21

CVE-2019-11759

An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
Max CVSS
8.8
EPSS Score
1.39%
Published
2020-01-08
Updated
2023-02-01

CVE-2018-12371

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.
Max CVSS
8.8
EPSS Score
0.35%
Published
2020-07-09
Updated
2020-07-13
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close