VulnerableCode Package Details - pkg:alpm/archlinux/firefox@74.0-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1a64-m2w1-hkhs	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	CVE-2020-6814
VCID-353s-ucdm-z7ck	After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks.	CVE-2020-6810
VCID-dqm3-dse4-8bap	When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document.	CVE-2020-6808
VCID-jr81-ed7a-aqcp	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	CVE-2020-6811
VCID-m5h6-y3tw-eue6	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	CVE-2019-20503
VCID-rap5-qz3f-4yhc	When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy.	CVE-2020-6813
VCID-t4eb-c363-u7hc	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	CVE-2020-6805
VCID-uddz-7wx8-xfbb	When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files.	CVE-2020-6809
VCID-wpm1-y59u-zkgu	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	CVE-2020-6807
VCID-x4vq-y6b6-dqf6	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	CVE-2020-6806
VCID-yr3c-1cqv-n3bw	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.	CVE-2020-6812
VCID-yu6u-82qg-mqft	Mozilla developers Jason Kratzer, Boris Zbarsky, Tyson Smith, and Alexandru Michis reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code.	CVE-2020-6815

Vulnerability

Summary

Aliases

VCID-1a64-m2w1-hkhs

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

CVE-2020-6814

VCID-353s-ucdm-z7ck

After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks.

CVE-2020-6810

VCID-dqm3-dse4-8bap

When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document.

CVE-2020-6808

VCID-jr81-ed7a-aqcp

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

CVE-2020-6811

VCID-m5h6-y3tw-eue6

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

CVE-2019-20503

VCID-rap5-qz3f-4yhc

When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy.

CVE-2020-6813

VCID-t4eb-c363-u7hc

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

CVE-2020-6805

VCID-uddz-7wx8-xfbb

When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files.

CVE-2020-6809

VCID-wpm1-y59u-zkgu

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

CVE-2020-6807

VCID-x4vq-y6b6-dqf6

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

CVE-2020-6806

VCID-yr3c-1cqv-n3bw

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

CVE-2020-6812

VCID-yu6u-82qg-mqft

Mozilla developers Jason Kratzer, Boris Zbarsky, Tyson Smith, and Alexandru Michis reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code.

CVE-2020-6815

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-07T13:59:07.385710+00:00	Arch Linux Importer	Fixing	VCID-m5h6-y3tw-eue6	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.374884+00:00	Arch Linux Importer	Fixing	VCID-t4eb-c363-u7hc	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.362182+00:00	Arch Linux Importer	Fixing	VCID-x4vq-y6b6-dqf6	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.351150+00:00	Arch Linux Importer	Fixing	VCID-wpm1-y59u-zkgu	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.340522+00:00	Arch Linux Importer	Fixing	VCID-dqm3-dse4-8bap	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.327731+00:00	Arch Linux Importer	Fixing	VCID-uddz-7wx8-xfbb	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.312997+00:00	Arch Linux Importer	Fixing	VCID-353s-ucdm-z7ck	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.299781+00:00	Arch Linux Importer	Fixing	VCID-jr81-ed7a-aqcp	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.286291+00:00	Arch Linux Importer	Fixing	VCID-yr3c-1cqv-n3bw	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.271705+00:00	Arch Linux Importer	Fixing	VCID-rap5-qz3f-4yhc	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.257562+00:00	Arch Linux Importer	Fixing	VCID-1a64-m2w1-hkhs	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-07T13:59:07.246314+00:00	Arch Linux Importer	Fixing	VCID-yu6u-82qg-mqft	https://security.archlinux.org/AVG-1112	38.1.0
2026-04-01T18:24:23.527802+00:00	Arch Linux Importer	Fixing	VCID-m5h6-y3tw-eue6	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.504745+00:00	Arch Linux Importer	Fixing	VCID-t4eb-c363-u7hc	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.480801+00:00	Arch Linux Importer	Fixing	VCID-x4vq-y6b6-dqf6	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.456217+00:00	Arch Linux Importer	Fixing	VCID-wpm1-y59u-zkgu	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.430713+00:00	Arch Linux Importer	Fixing	VCID-dqm3-dse4-8bap	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.403645+00:00	Arch Linux Importer	Fixing	VCID-uddz-7wx8-xfbb	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.379087+00:00	Arch Linux Importer	Fixing	VCID-353s-ucdm-z7ck	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.352790+00:00	Arch Linux Importer	Fixing	VCID-jr81-ed7a-aqcp	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.328297+00:00	Arch Linux Importer	Fixing	VCID-yr3c-1cqv-n3bw	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.303616+00:00	Arch Linux Importer	Fixing	VCID-rap5-qz3f-4yhc	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.280881+00:00	Arch Linux Importer	Fixing	VCID-1a64-m2w1-hkhs	https://security.archlinux.org/AVG-1112	38.0.0
2026-04-01T18:24:23.257342+00:00	Arch Linux Importer	Fixing	VCID-yu6u-82qg-mqft	https://security.archlinux.org/AVG-1112	38.0.0

2026-04-07T13:59:07.385710+00:00

Arch Linux Importer

Fixing