vulnerability

Oracle Linux: CVE-2020-15658: ELSA-2020-4080: firefox security and bug fix update (IMPORTANT) (Multiple Advisories)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
Jul 28, 2020
Added
Aug 29, 2020
Modified
Jan 7, 2025

Description

The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

Solution

oracle-linux-upgrade-firefox
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.