CVE-2020-26957

Опубликовано: 09 дек. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 83.

Ссылки

https://bugzilla.mozilla.org/show_bug.cgi?id=1667179
Issue Tracking
Permissions Required
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2020-50/
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1667179
Issue Tracking
Permissions Required
Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2020-50/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*

Версия до 83.0 (исключая)

EPSS

Процентиль: 39%

0.00178

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-665

Связанные уязвимости

CVE-2020-26957

CVSS3: 6.5

ubuntu

около 5 лет назад

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.

CVE-2020-26957

CVSS3: 6.5

debian

около 5 лет назад

OneCRL was non-functional in the new Firefox for Android due to a miss ...

GHSA-r8fq-xfh5-mvgx

github

больше 3 лет назад

EPSS

Процентиль: 39%

0.00178

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-665