Patch/Configuration Management, Vulnerability Management

Mozilla patches two Firefox vulnerabilities active in the wild

Mozilla patched two critical security issues in Firefox and Firefox ESR that are being abused in the wild.

CVE-2020-6819 and CVE-2020-6820 each involve a race condition that can be exploited to exploited to create a use after free condition. The former vulnerability takes place when running the nsDocShell destructor and the latter when handling a ReadableStream.

Mozilla has included fixes for both flaws in the latest version of the software, Firefox 74.0.1 and Firefox ESR 68.6.1.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.