CVE-2020-12422 — Out-of-bounds Write in Mozilla Firefox
Severity
8.8HIGHNVD
OSV6.5
EPSS
0.6%
top 30.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 9
Latest updateMay 24
Description
In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages5 packages
🔴Vulnerability Details
4GHSA▶
GHSA-7vm3-8xjm-5j9p: In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds w↗2022-05-24
CVEList▶
CVE-2020-12422: In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds w↗2020-07-09
OSV▶
CVE-2020-12422: In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds w↗2020-07-01
📋Vendor Advisories
5Debian▶
CVE-2020-12422: firefox - In non-standard configurations, a JPEG image created by JavaScript could have ca...↗2020