vulnerability

Red Hat: CVE-2020-12422: CVE-2020-12422 Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (Multiple Advisories)

Name: Red Hat: CVE-2020-12422: CVE-2020-12422 Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (Multiple Advisories)
Creator: Red Hat
Published: 2020-07-09T00:00:00.000Z
Keywords: CVE, CWE-787, Red Hat, 2020, 12422, 12422 Mozilla, redhat-upgrade-firefox, redhat-upgrade-firefox-debuginfo, redhat-upgrade-firefox-debugsource, Severity 8

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

Jul 9, 2020

Added

Aug 27, 2020

Modified

Mar 27, 2026

Description

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.

Solutions

redhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-firefox-debugsource

References

CWE-787
EUVD-EUVD-2020-4734
NVD-CVE-2020-12422
REDHAT-RHSA-2020:3557
REDHAT-RHSA-2020:3559
REDHAT-RHSA-2020:4080
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-4734

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report