PT-2020-14577 · Mozilla+3 · Firefox For Android+4

Tyson Smith

Published

2020-08-25

Updated

2024-12-12

CVE-2020-15668

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 80 Firefox for Android versions prior to 80

Description A missing lock when accessing a data structure and importing certificate information into the trust database poses a security issue.

Recommendations For Firefox versions prior to 80, update to version 80 or later. For Firefox for Android versions prior to 80, update to version 80 or later.

Exploit

Fix

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

ALT-PU-2020-2706

ALT-PU-2020-3442

ALT-PU-2021-3368

CVE-2020-15668

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

USN-4474-1

USN-4474-2

Affected Products

Alt Linux

Firefox

Firefox For Android

Linuxmint

Ubuntu

PT-2020-14577 · Mozilla+3 · Firefox For Android+4

CVE-2020-15668

Weakness Enumeration

Related Identifiers

Affected Products

References · 1893