The Mozilla Foundation has released Firefox 82 that includes security fixes for multiple vulnerabilities, as well as browser performance boosts and video watching feature improvements.
An attacker could exploit these vulnerabilities to take control of impacted systems.
As part of Mozilla Foundation Security Advisory 2020-45, Firefox 82 patched 5 vulnerabilities, 4 of those rated High severity.
The High severity issues patched include:
- CVE-2020-15969: Use-after-free in usersctp
- CVE-2020-15254: Undefined behavior in bounded channel of crossbeam rust crate
- CVE-2020-15683: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
- CVE-2020-15684: Memory safety bugs fixed in Firefox 82
Mozilla also noted that the memory safety vulnerabilities could potentially be exploited to run arbitrary code.
To add, the Firefox 82 update also fixes two Moderate and one Low severity vulnerabilities.