CVE-2020-12396 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-12396 Interim 1 15 2025-05-01T00:50:58Z current 2021-05-30T14:39:54Z 2025-05-01T00:50:58Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-12396 Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/ E-Mail link for openSUSE-SU-2024:14572-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP1 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-92.0-1.2 MozillaFirefox-branding-upstream-92.0-1.2 MozillaFirefox-devel MozillaFirefox-devel-92.0-1.2 MozillaFirefox-translations-common MozillaFirefox-translations-common-92.0-1.2 MozillaFirefox-translations-other MozillaFirefox-translations-other-92.0-1.2 firefox-esr-128.5.1-1.1 firefox-esr-branding-upstream-128.5.1-1.1 firefox-esr-translations-common-128.5.1-1.1 firefox-esr-translations-other-128.5.1-1.1 MozillaFirefox-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-devel-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-92.0-1.2 as a component of openSUSE Tumbleweed firefox-esr-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-branding-upstream-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-common-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-other-128.5.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE CaaS Platform 4.0 MozillaFirefox-devel as a component of SUSE CaaS Platform 4.0 MozillaFirefox-translations-common as a component of SUSE CaaS Platform 4.0 MozillaFirefox-translations-other as a component of SUSE CaaS Platform 4.0 MozillaFirefox as a component of SUSE Enterprise Storage 6 MozillaFirefox as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 MozillaFirefox-devel as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76. CVE-2020-12396 openSUSE Tumbleweed:MozillaFirefox-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-devel-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-common-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-other-92.0-1.2 openSUSE Tumbleweed:firefox-esr-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H