PT-2020-19237 · Mozilla+2 · Firefox+2

Jan Biniok

Published

2020-03-10

Updated

2024-12-12

CVE-2020-6809

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 74

Description A issue exists where a Web Extension with the all-urls permission can read local files when making a fetch request with a mode set to 'same-origin'.

Recommendations For versions prior to 74, update to version 74 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2020-1486

ALT-PU-2020-2408

ALT-PU-2020-2933

ALT-PU-2020-3442

ALT-PU-2021-1368

ALT-PU-2021-3368

CVE-2020-6809

OPENSUSE-SU-2024:10600-1

OPENSUSE-SU-2024:14572-1

USN-4299-1

Affected Products

Alt Linux

Firefox

Ubuntu

PT-2020-19237 · Mozilla+2 · Firefox+2

CVE-2020-6809

Related Identifiers

Affected Products

References · 1895