CVE-2020-26951
critical
CVSS v3
—
CVSS v2
—
VIR risk
9.5
Description
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2020-26951
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2020-26951.html
Vendor advisory: arch — https://security.archlinux.org/ASA-202011-12
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| arch | fixed | 83.0-1 | |
| sles | affected | | |
| debian | sid | fixed | 83.0-1 |
| debian | bookworm | fixed | 78.5.0esr-1 |
| debian | bullseye | fixed | 78.5.0esr-1 |
| debian | forky | fixed | 78.5.0esr-1 |
| debian | trixie | fixed | 78.5.0esr-1 |
References
Verify integrity in audit chain (admin only). AS-IS.