Linux Distros Unpatched Vulnerability : CVE-2020-26956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox 8...

Linux Distros Unpatched Vulnerability : CVE-2020-26960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If the Compact method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free an...

SUSE CVE-2020-26957

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox...

CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

Mozilla: Fullscreen could be enabled without displaying the security UI

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...