|Category:||CentOS Local Security Checks|
|Title:||CentOS: Security Advisory for firefox (CESA-2020:2824)|
|Summary:||The remote host is missing an update for the 'firefox'; package(s) announced via the CESA-2020:2824 advisory.|
The remote host is missing an update for the 'firefox'
package(s) announced via the CESA-2020:2824 advisory.
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance, and portability.
This update upgrades Firefox to version 68.10.0 ESR.
* Mozilla: Information disclosure due to manipulated URL object
* Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419)
* Mozilla: Use-After-Free when trying to connect to a STUN server
* Mozilla: Add-On updates did not respect the same certificate trust rules
as software updates (CVE-2020-12421)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
'firefox' package(s) on CentOS 6.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-12418|
Common Vulnerability Exposure (CVE) ID: CVE-2020-12419
Common Vulnerability Exposure (CVE) ID: CVE-2020-12420
Common Vulnerability Exposure (CVE) ID: CVE-2020-12421
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.