Vulnerability CVE-2020-15656: Information

Description

JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-15656
Published: Aug. 10, 2020
Modified: Feb. 3, 2023
Error type identifier: CWE-843

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus79.0-alt1125.0.2-alt1ALT-PU-2020-2598-1256176Fixed
firefoxp1079.0-alt1118.0.2-alt0.p10.1ALT-PU-2020-2598-1256176Fixed
firefoxp980.0.1-alt0.1.p9105.0.1-alt0.c9.1ALT-PU-2020-3442-1262506Fixed
firefoxc10f179.0-alt1112.0.2-alt0.p10.1ALT-PU-2020-2598-1256176Fixed
firefoxc9f293.0-alt0.p9.1105.0.1-alt0.c9.1ALT-PU-2021-3368-1288792Fixed
firefox-esrsisyphus78.1.0-alt1115.10.0-alt1ALT-PU-2020-2466-1255488Fixed
firefox-esrp1091.1.0-alt1115.10.0-alt1ALT-PU-2021-2881-1284980Fixed
firefox-esrp978.3.0-alt0.1.p9102.11.0-alt0.c9.1ALT-PU-2020-2933-1254920Fixed
firefox-esrc10f191.1.0-alt1115.9.1-alt0.c10.1ALT-PU-2021-2881-1284980Fixed
firefox-esrc9f291.3.0-alt1.c9.1102.12.0-alt0.c9.1ALT-PU-2021-3369-1288792Fixed
thunderbirdsisyphus78.1.1-alt1115.9.0-alt1ALT-PU-2020-2709-1256264Fixed
thunderbirdp1078.1.1-alt1115.9.0-alt1ALT-PU-2020-2709-1256264Fixed
thunderbirdp978.3.1-alt1102.11.0-alt0.c9.1ALT-PU-2020-2934-1254920Fixed
thunderbirdc10f178.1.1-alt1115.9.0-alt0.c10.1ALT-PU-2020-2709-1256264Fixed
thunderbirdc9f278.7.0-alt0.1.c9102.11.0-alt0.c9.1ALT-PU-2021-1369-1264611Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.mozilla.org/security/advisories/mfsa2020-32/
  • Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1647293
  • Issue Tracking
  • Permissions Required
  • Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2020-30/
  • Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2020-33/
  • Vendor Advisory
openSUSE-SU-2020:1189
  • Third Party Advisory
USN-4443-1
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
      End excliding
      78.1
      cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
      End excliding
      78.1
      cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
      End excliding
      79.0

      Configuration 2

      cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top