CVE-2020-12391
26.05.2020, 18:15
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.Enginsight
Vendor | Product | Version |
---|---|---|
mozilla | firefox | 𝑥 < 76.0 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
firefox |
| ||||||||||||||||||||||||||
mozjs38 |
| ||||||||||||||||||||||||||
mozjs52 |
| ||||||||||||||||||||||||||
mozjs60 |
| ||||||||||||||||||||||||||
mozjs68 |
|