CVE-2020-26963
First published: Tue Nov 17 2020(Updated: )
Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mozilla Firefox | <83 | 83 |
| <83 | 83 | |
| Mozilla Firefox | <83.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2020-26963.
What is the title of this vulnerability?
The title of this vulnerability is 'Repeated calls to the history and location interfaces could have been used to hang the browser.'
Which browser is affected by this vulnerability?
This vulnerability affects Mozilla Firefox version up to, but not including, 83.0.
How was this vulnerability addressed?
This vulnerability was addressed by introducing rate-limiting to the history and location API calls.
What is the severity level of this vulnerability?
The severity level of this vulnerability is medium, with a CVSS score of 4.3.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/author
- agent/severity
- agent/references
- agent/event
- agent/description
- collector/mozilla-advisory
- agent/software-canonical-lookup-request
- source/Mozilla
- agent/software-canonical-lookup
- agent/tags
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- vendor/mozilla
- canonical/mozilla firefox