By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/#CVE-2020-15677
Acknowledgments: Name: the Mozilla project Upstream: Richard Thomas and Tom Chothia (University of Birmingham)
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:3834 https://access.redhat.com/errata/RHSA-2020:3834
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:3833 https://access.redhat.com/errata/RHSA-2020:3833
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:3832 https://access.redhat.com/errata/RHSA-2020:3832
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:3835 https://access.redhat.com/errata/RHSA-2020:3835
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-15677
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:4080 https://access.redhat.com/errata/RHSA-2020:4080
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:4156 https://access.redhat.com/errata/RHSA-2020:4156
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:4157 https://access.redhat.com/errata/RHSA-2020:4157
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4155 https://access.redhat.com/errata/RHSA-2020:4155
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:4158 https://access.redhat.com/errata/RHSA-2020:4158
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:4163 https://access.redhat.com/errata/RHSA-2020:4163