vulnerability

CentOS Linux: CVE-2019-17016: Critical: firefox security update (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Jan 8, 2020	Jan 14, 2020	May 25, 2023

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Jan 8, 2020

Added

Jan 14, 2020

Modified

May 25, 2023

Description

When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR

Solution(s)

centos-upgrade-firefoxcentos-upgrade-firefox-debuginfocentos-upgrade-firefox-debugsourcecentos-upgrade-thunderbirdcentos-upgrade-thunderbird-debuginfocentos-upgrade-thunderbird-debugsource

References

DEBIAN-DSA-4600
DEBIAN-DSA-4603
NVD-CVE-2019-17016
REDHAT-RHSA-2020:0085
REDHAT-RHSA-2020:0086
REDHAT-RHSA-2020:0111
REDHAT-RHSA-2020:0120
REDHAT-RHSA-2020:0123
REDHAT-RHSA-2020:0127
REDHAT-RHSA-2020:0292
REDHAT-RHSA-2020:0295

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today