vulnerability

Huawei EulerOS: CVE-2020-12417: mozjs60 security update

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jul 9, 2020

Added

Feb 12, 2024

Modified

Apr 1, 2026

Description

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

Solution

huawei-euleros-2_0_sp9-upgrade-mozjs60

References

CVE-2020-12417
https://attackerkb.com/topics/CVE-2020-12417
CWE-617
CWE-681
CWE-787
EULEROS-EulerOS-SA-2024-1201
EUVD-EUVD-2020-4729
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-4729

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report