CVE-2020-12417

HIGH Year: 2020
CVSS v3 Score
8.8
High
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-617
View all →

Vulnerability Description

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.

Related Vulnerabilities

CVE-2020-6617

HIGH
CVSS:8.8(High)

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.

CWE-6172020

CVE-2020-6619

HIGH
CVSS:8.8(High)

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.

CWE-6172020

CVE-2020-6623

HIGH
CVSS:8.8(High)

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.

CWE-6172020

CVE-2023-37015

HIGH
CVSS:8.6(High)

Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `Path Switch Request` message missing a ...

CWE-6172023

CVE-2023-37016

HIGH
CVSS:8.6(High)

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Modification Response` messag...

CWE-6172023

CVE-2023-37017

HIGH
CVSS:8.6(High)

Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `S1Setup Request` message missing a requ...

CWE-6172023