When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12423
Acknowledgments: Name: the Mozilla project Upstream: Riccardo Ancarani
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-12423