Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-26967

Опубликовано: 09 дек. 2020
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability affects Firefox < 83.

РелизСтатусПримечание
bionic

released

83.0+build2-0ubuntu0.18.04.2
devel

released

83.0+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

83.0+build2-0ubuntu0.20.04.1
groovy

released

83.0+build2-0ubuntu0.20.10.1
hirsute

released

83.0+build2-0ubuntu1
impish

released

83.0+build2-0ubuntu1
jammy

released

83.0+build2-0ubuntu1
kinetic

released

83.0+build2-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

groovy

ignored

end of life
hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

ignored

focal

ignored

groovy

ignored

end of life
hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 51%
0.00284
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2020-26967

CVSS3: 6.5
nvd
около 5 лет назад

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability affects Firefox < 83.

debian логотип

CVE-2020-26967

CVSS3: 6.5
debian
около 5 лет назад

When listening for page changes with a Mutation Observer, a malicious ...

github логотип

GHSA-g4xj-2594-cc4j

github
больше 3 лет назад

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability affects Firefox < 83.

EPSS

Процентиль: 51%
0.00284
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Уязвимость CVE-2020-26967