CVE-2020-16048Out-of-bounds Read in Firefox

CWE-125Out-of-bounds ReadCWE-120Classic Buffer Overflow5 documents5 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 58.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Debian FirefoxDebian Firefox-esrMozilla Firefox
Timeline
PublishedNov 2
Latest updateMay 24

Description

Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

mozillamozilla/firefox

🔴Vulnerability Details

1
GHSA
GHSA-jpx9-h8vx-j99q: Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page2022-05-24

📋Vendor Advisories

3
Red Hat
Mozilla: Buffer overflow in depth pitch calculations for compressed textures2021-02-05
Debian
CVE-2020-16048: firefox - Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data v...2020
Mozilla
Mozilla Foundation Security Advisory 2021-06: CVE-2020-16048