The Mozilla Foundation has released Firefox 83 that includes security fixes for 4 High risk vulnerabilities.
An attacker could exploit the vulnerability to take control of impacted systems.
As part of Mozilla Foundation Security Advisory 2020-50, Firefox 83 patched the following 4 High severity vulnerabilities:
- CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code.
- CVE-2020-26952: Out of memory handling of JITed, inlined functions could lead to a memory corruption.
- CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5.
- CVE-2020-26969: Memory safety bugs fixed in Firefox 83.
Mozilla also noted that the memory safety vulnerabilities could potentially be exploited to run arbitrary code.
Moreover, the update also addressed multiple other Medium and Low severity bugs.
Finally, Mozilla also addressed vulnerabilities in Firefox ESR 78.5 and Thunderbird 78.5.