Search for packages
| purl | pkg:alpm/archlinux/firefox@74.0.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1dg7-zfz2-aaar
Aliases: CVE-2020-6825 |
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. |
Affected by 8 other vulnerabilities. |
|
VCID-aeeg-9d4b-aaaf
Aliases: CVE-2020-6826 |
Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 75. |
Affected by 8 other vulnerabilities. |
|
VCID-k35f-wy9p-aaaq
Aliases: CVE-2020-6823 |
A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox < 75. |
Affected by 8 other vulnerabilities. |
|
VCID-tgdb-h8sy-aaae
Aliases: CVE-2020-6824 |
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75. |
Affected by 8 other vulnerabilities. |
|
VCID-yq28-51ue-aaae
Aliases: CVE-2020-6821 |
When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. |
Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-47ec-jak8-aaab | Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1. |
CVE-2020-6820
|
| VCID-4hms-r9gj-aaaq | Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1. |
CVE-2020-6819
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:44:18.997397+00:00 | Arch Linux Importer | Fixing | VCID-4hms-r9gj-aaaq | https://security.archlinux.org/AVG-1125 | 36.0.0 |
| 2025-03-28T07:44:18.963453+00:00 | Arch Linux Importer | Fixing | VCID-47ec-jak8-aaab | https://security.archlinux.org/AVG-1125 | 36.0.0 |
| 2025-03-28T07:44:18.937752+00:00 | Arch Linux Importer | Affected by | VCID-yq28-51ue-aaae | https://security.archlinux.org/AVG-1127 | 36.0.0 |
| 2025-03-28T07:44:18.902822+00:00 | Arch Linux Importer | Affected by | VCID-k35f-wy9p-aaaq | https://security.archlinux.org/AVG-1127 | 36.0.0 |
| 2025-03-28T07:44:18.868114+00:00 | Arch Linux Importer | Affected by | VCID-tgdb-h8sy-aaae | https://security.archlinux.org/AVG-1127 | 36.0.0 |
| 2025-03-28T07:44:18.833775+00:00 | Arch Linux Importer | Affected by | VCID-1dg7-zfz2-aaar | https://security.archlinux.org/AVG-1127 | 36.0.0 |
| 2025-03-28T07:44:18.802142+00:00 | Arch Linux Importer | Affected by | VCID-aeeg-9d4b-aaaf | https://security.archlinux.org/AVG-1127 | 36.0.0 |
| 2024-09-18T01:59:24.584641+00:00 | Arch Linux Importer | Fixing | VCID-4hms-r9gj-aaaq | https://security.archlinux.org/AVG-1125 | 34.0.1 |
| 2024-09-18T01:59:24.557051+00:00 | Arch Linux Importer | Fixing | VCID-47ec-jak8-aaab | https://security.archlinux.org/AVG-1125 | 34.0.1 |
| 2024-09-18T01:59:24.526070+00:00 | Arch Linux Importer | Affected by | VCID-yq28-51ue-aaae | https://security.archlinux.org/AVG-1127 | 34.0.1 |
| 2024-09-18T01:59:24.497755+00:00 | Arch Linux Importer | Affected by | VCID-k35f-wy9p-aaaq | https://security.archlinux.org/AVG-1127 | 34.0.1 |
| 2024-09-18T01:59:24.473149+00:00 | Arch Linux Importer | Affected by | VCID-tgdb-h8sy-aaae | https://security.archlinux.org/AVG-1127 | 34.0.1 |
| 2024-09-18T01:59:24.448682+00:00 | Arch Linux Importer | Affected by | VCID-1dg7-zfz2-aaar | https://security.archlinux.org/AVG-1127 | 34.0.1 |
| 2024-09-18T01:59:24.424495+00:00 | Arch Linux Importer | Affected by | VCID-aeeg-9d4b-aaaf | https://security.archlinux.org/AVG-1127 | 34.0.1 |
| 2024-01-20T12:06:20.141614+00:00 | Arch Linux Importer | Fixing | VCID-4hms-r9gj-aaaq | https://security.archlinux.org/AVG-1125 | 34.0.0rc2 |
| 2024-01-20T12:06:20.119660+00:00 | Arch Linux Importer | Fixing | VCID-47ec-jak8-aaab | https://security.archlinux.org/AVG-1125 | 34.0.0rc2 |
| 2024-01-20T12:06:20.093064+00:00 | Arch Linux Importer | Affected by | VCID-yq28-51ue-aaae | https://security.archlinux.org/AVG-1127 | 34.0.0rc2 |
| 2024-01-20T12:06:20.071179+00:00 | Arch Linux Importer | Affected by | VCID-k35f-wy9p-aaaq | https://security.archlinux.org/AVG-1127 | 34.0.0rc2 |
| 2024-01-20T12:06:20.049355+00:00 | Arch Linux Importer | Affected by | VCID-tgdb-h8sy-aaae | https://security.archlinux.org/AVG-1127 | 34.0.0rc2 |
| 2024-01-20T12:06:20.027411+00:00 | Arch Linux Importer | Affected by | VCID-1dg7-zfz2-aaar | https://security.archlinux.org/AVG-1127 | 34.0.0rc2 |
| 2024-01-20T12:06:20.005413+00:00 | Arch Linux Importer | Affected by | VCID-aeeg-9d4b-aaaf | https://security.archlinux.org/AVG-1127 | 34.0.0rc2 |
| 2024-01-03T22:25:41.967048+00:00 | Arch Linux Importer | Fixing | VCID-4hms-r9gj-aaaq | https://security.archlinux.org/AVG-1125 | 34.0.0rc1 |
| 2024-01-03T22:25:41.945468+00:00 | Arch Linux Importer | Fixing | VCID-47ec-jak8-aaab | https://security.archlinux.org/AVG-1125 | 34.0.0rc1 |
| 2024-01-03T22:25:41.919477+00:00 | Arch Linux Importer | Affected by | VCID-yq28-51ue-aaae | https://security.archlinux.org/AVG-1127 | 34.0.0rc1 |
| 2024-01-03T22:25:41.892821+00:00 | Arch Linux Importer | Affected by | VCID-k35f-wy9p-aaaq | https://security.archlinux.org/AVG-1127 | 34.0.0rc1 |
| 2024-01-03T22:25:41.866610+00:00 | Arch Linux Importer | Affected by | VCID-tgdb-h8sy-aaae | https://security.archlinux.org/AVG-1127 | 34.0.0rc1 |
| 2024-01-03T22:25:41.840722+00:00 | Arch Linux Importer | Affected by | VCID-1dg7-zfz2-aaar | https://security.archlinux.org/AVG-1127 | 34.0.0rc1 |
| 2024-01-03T22:25:41.814787+00:00 | Arch Linux Importer | Affected by | VCID-aeeg-9d4b-aaaf | https://security.archlinux.org/AVG-1127 | 34.0.0rc1 |