Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-26952

An information disclosure issue has been found in Firefox before 83.0. When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a variable amount of time depending on the content of the underlying image. This resulted in potential cross-origin information exposure of image content through timing side-channel attacks.

Source

Severity Medium

Remote Yes

Type Information disclosure

Description

An information disclosure issue has been found in Firefox before 83.0. When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a variable amount of time depending on the content of the underlying image. This resulted in potential cross-origin information exposure of image content through timing side-channel attacks.

AVG-1279 firefox 82.0.3-1 83.0-1 Critical Fixed

https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-16012
https://bugzilla.mozilla.org/show_bug.cgi?id=1642028

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect