Vulnerabilities > Mozilla > Firefox ESR > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-10 | CVE-2020-15653 | An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. | 6.5 |
| 2020-08-10 | CVE-2020-15652 | Origin Validation Error vulnerability in multiple products By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. | 6.5 |
| 2020-08-10 | CVE-2020-15650 | Unspecified vulnerability in Mozilla Firefox ESR Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). | 5.5 |
| 2020-08-10 | CVE-2020-15649 | Unrestricted Upload of File with Dangerous Type vulnerability in Mozilla Firefox ESR Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. | 5.5 |
| 2020-07-09 | CVE-2020-12421 | Improper Certificate Validation vulnerability in multiple products When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. | 6.5 |
| 2020-07-09 | CVE-2020-12418 | Out-of-bounds Read vulnerability in multiple products Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. | 6.5 |
| 2020-07-09 | CVE-2020-12405 | Use After Free vulnerability in multiple products When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. | 5.3 |
| 2020-07-09 | CVE-2020-12399 | Information Exposure Through Discrepancy vulnerability in multiple products NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. | 4.4 |
| 2020-05-26 | CVE-2020-12392 | Path Traversal vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. | 5.5 |
| 2020-04-24 | CVE-2020-6827 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox ESR When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. | 4.7 |