{"id":"CVE-2020-26978","details":"Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox \u003c 84, Thunderbird \u003c 78.6, and Firefox ESR \u003c 78.6.","modified":"2026-04-16T04:30:41.029077110Z","published":"2021-01-07T14:15:12.297Z","related":["SUSE-SU-2020:14584-1","SUSE-SU-2020:3900-1","SUSE-SU-2020:3901-1","SUSE-SU-2020:3902-1","SUSE-SU-2020:3903-1","SUSE-SU-2020:3935-1","openSUSE-SU-2020:2317-1","openSUSE-SU-2020:2318-1","openSUSE-SU-2020:2324-1","openSUSE-SU-2020:2325-1","openSUSE-SU-2024:10600-1","openSUSE-SU-2024:10601-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2020-54/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2020-55/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2020-56/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1677047"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"84.0"}]},{"events":[{"introduced":"0"},{"fixed":"78.6.0"}]},{"events":[{"introduced":"0"},{"fixed":"78.6.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26978.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}