Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-15677

Опубликовано: 01 окт. 2020
Источник: debian
EPSS Низкий

Описание

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
firefoxfixed81.0-1package
firefox-esrfixed78.3.0esr-1package
thunderbirdfixed1:78.3.1-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/#CVE-2020-15677

  • https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/#CVE-2020-15677

  • https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/#CVE-2020-15677

EPSS

Процентиль: 66%
0.00527
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-15677

CVSS3: 6.1
ubuntu
почти 5 лет назад

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

redhat логотип

CVE-2020-15677

CVSS3: 6.1
redhat
почти 5 лет назад

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

nvd логотип

CVE-2020-15677

CVSS3: 6.1
nvd
почти 5 лет назад

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

github логотип

GHSA-c2xm-2fm6-9338

CVSS3: 6.1
github
больше 3 лет назад

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.

suse-cvrf логотип

openSUSE-SU-2020:1574-1

suse-cvrf
почти 5 лет назад

Security update for MozillaFirefox

EPSS

Процентиль: 66%
0.00527
Низкий