CVE-2020-15655
Published: 29 July 2020
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
Priority
CVSS 3 base score: 6.5
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
Upstream |
Released
(79)
|
Ubuntu 21.04 (Hirsute Hippo) |
Released
(80.0.1+build1-0ubuntu1)
|
|
Ubuntu 20.10 (Groovy Gorilla) |
Released
(80.0.1+build1-0ubuntu1)
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Released
(79.0+build1-0ubuntu0.20.04.1)
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(79.0+build1-0ubuntu0.18.04.1)
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(79.0+build1-0ubuntu0.16.04.2)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
mozjs38 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
Ubuntu 20.10 (Groovy Gorilla) |
Does not exist
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
mozjs52 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
Ubuntu 20.10 (Groovy Gorilla) |
Needs triage
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Needs triage
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
mozjs60 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
Ubuntu 20.10 (Groovy Gorilla) |
Does not exist
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
mozjs68 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
Ubuntu 20.10 (Groovy Gorilla) |
Needs triage
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Needs triage
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
thunderbird Launchpad, Ubuntu, Debian |
Upstream |
Released
(78.1)
|
Ubuntu 21.04 (Hirsute Hippo) |
Not vulnerable
(1:78.4.3+build1-0ubuntu1)
|
|
Ubuntu 20.10 (Groovy Gorilla) |
Not vulnerable
(1:78.3.2+build1-0ubuntu1)
|
|
Ubuntu 20.04 LTS (Focal Fossa) |
Needs triage
|
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Needs triage
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|