Vulnerabilities > Mozilla > Firefox > 2.0.0.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2020-26976 | When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. | 4.3 |
| 2021-01-07 | CVE-2020-26974 | Out-of-bounds Write vulnerability in Mozilla Firefox When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. | 6.8 |
| 2021-01-07 | CVE-2020-26973 | Unspecified vulnerability in Mozilla Firefox Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. network mozilla | 6.8 |
| 2021-01-07 | CVE-2020-26972 | Use After Free vulnerability in Mozilla Firefox The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. | 7.5 |
| 2021-01-07 | CVE-2020-26971 | Out-of-bounds Write vulnerability in Mozilla Firefox Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. | 6.8 |
| 2020-12-09 | CVE-2020-26969 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82. | 9.3 |
| 2020-12-09 | CVE-2020-26968 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. | 9.3 |
| 2020-12-09 | CVE-2020-26967 | Unspecified vulnerability in Mozilla Firefox When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. network mozilla | 4.3 |
| 2020-12-09 | CVE-2020-26966 | Unspecified vulnerability in Mozilla Firefox Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. network mozilla | 4.3 |
| 2020-12-09 | CVE-2020-26965 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Mozilla Firefox Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. | 4.3 |