VulnerableCode Package Details - pkg:alpm/archlinux/firefox@76.0-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3cvj-hax2-aaam	A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.	CVE-2020-12387
VCID-8btd-mrd4-aaaj	Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.	CVE-2020-12395
VCID-8hk7-ga1w-aaab	Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76.	CVE-2020-12396
VCID-emz6-q5rr-aaaj	A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.	CVE-2020-12394
VCID-pc9p-ccag-aaae	Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.	CVE-2020-12390
VCID-s65w-d57a-aaap	The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.	CVE-2020-12392
VCID-x1ua-dn9s-aaab	A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.	CVE-2020-6831
VCID-zbny-98f4-aaae	Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.	CVE-2020-12391

Vulnerability

Summary

Aliases

VCID-3cvj-hax2-aaam

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVE-2020-12387

VCID-8btd-mrd4-aaaj

Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVE-2020-12395

VCID-8hk7-ga1w-aaab

Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76.

CVE-2020-12396

VCID-emz6-q5rr-aaaj

A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.

CVE-2020-12394

VCID-pc9p-ccag-aaae

Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.

CVE-2020-12390

VCID-s65w-d57a-aaap

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVE-2020-12392

VCID-x1ua-dn9s-aaab

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVE-2020-6831

VCID-zbny-98f4-aaae

Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.

CVE-2020-12391

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:44:18.311169+00:00	Arch Linux Importer	Fixing	VCID-3cvj-hax2-aaam	https://security.archlinux.org/AVG-1148	36.0.0
2025-03-28T07:44:18.277883+00:00	Arch Linux Importer	Fixing	VCID-pc9p-ccag-aaae	https://security.archlinux.org/AVG-1148	36.0.0
2025-03-28T07:44:18.242849+00:00	Arch Linux Importer	Fixing	VCID-zbny-98f4-aaae	https://security.archlinux.org/AVG-1148	36.0.0
2025-03-28T07:44:18.207949+00:00	Arch Linux Importer	Fixing	VCID-s65w-d57a-aaap	https://security.archlinux.org/AVG-1148	36.0.0
2025-03-28T07:44:18.172973+00:00	Arch Linux Importer	Fixing	VCID-emz6-q5rr-aaaj	https://security.archlinux.org/AVG-1148	36.0.0
2025-03-28T07:44:18.138132+00:00	Arch Linux Importer	Fixing	VCID-8btd-mrd4-aaaj	https://security.archlinux.org/AVG-1148	36.0.0
2025-03-28T07:44:18.103684+00:00	Arch Linux Importer	Fixing	VCID-8hk7-ga1w-aaab	https://security.archlinux.org/AVG-1148	36.0.0
2025-03-28T07:44:18.068298+00:00	Arch Linux Importer	Fixing	VCID-x1ua-dn9s-aaab	https://security.archlinux.org/AVG-1148	36.0.0
2024-09-18T01:59:23.918478+00:00	Arch Linux Importer	Fixing	VCID-3cvj-hax2-aaam	https://security.archlinux.org/AVG-1148	34.0.1
2024-09-18T01:59:23.893532+00:00	Arch Linux Importer	Fixing	VCID-pc9p-ccag-aaae	https://security.archlinux.org/AVG-1148	34.0.1
2024-09-18T01:59:23.869036+00:00	Arch Linux Importer	Fixing	VCID-zbny-98f4-aaae	https://security.archlinux.org/AVG-1148	34.0.1
2024-09-18T01:59:23.844448+00:00	Arch Linux Importer	Fixing	VCID-s65w-d57a-aaap	https://security.archlinux.org/AVG-1148	34.0.1
2024-09-18T01:59:23.820063+00:00	Arch Linux Importer	Fixing	VCID-emz6-q5rr-aaaj	https://security.archlinux.org/AVG-1148	34.0.1
2024-09-18T01:59:23.793239+00:00	Arch Linux Importer	Fixing	VCID-8btd-mrd4-aaaj	https://security.archlinux.org/AVG-1148	34.0.1
2024-09-18T01:59:23.766515+00:00	Arch Linux Importer	Fixing	VCID-8hk7-ga1w-aaab	https://security.archlinux.org/AVG-1148	34.0.1
2024-09-18T01:59:23.739173+00:00	Arch Linux Importer	Fixing	VCID-x1ua-dn9s-aaab	https://security.archlinux.org/AVG-1148	34.0.1
2024-01-20T12:06:19.988093+00:00	Arch Linux Importer	Fixing	VCID-3cvj-hax2-aaam	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-20T12:06:19.966319+00:00	Arch Linux Importer	Fixing	VCID-pc9p-ccag-aaae	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-20T12:06:19.944386+00:00	Arch Linux Importer	Fixing	VCID-zbny-98f4-aaae	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-20T12:06:19.922486+00:00	Arch Linux Importer	Fixing	VCID-s65w-d57a-aaap	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-20T12:06:19.900606+00:00	Arch Linux Importer	Fixing	VCID-emz6-q5rr-aaaj	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-20T12:06:19.878490+00:00	Arch Linux Importer	Fixing	VCID-8btd-mrd4-aaaj	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-20T12:06:19.856792+00:00	Arch Linux Importer	Fixing	VCID-8hk7-ga1w-aaab	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-20T12:06:19.834705+00:00	Arch Linux Importer	Fixing	VCID-x1ua-dn9s-aaab	https://security.archlinux.org/AVG-1148	34.0.0rc2
2024-01-03T22:25:41.366502+00:00	Arch Linux Importer	Fixing	VCID-3cvj-hax2-aaam	https://security.archlinux.org/AVG-1148	34.0.0rc1
2024-01-03T22:25:41.342399+00:00	Arch Linux Importer	Fixing	VCID-pc9p-ccag-aaae	https://security.archlinux.org/AVG-1148	34.0.0rc1
2024-01-03T22:25:41.316299+00:00	Arch Linux Importer	Fixing	VCID-zbny-98f4-aaae	https://security.archlinux.org/AVG-1148	34.0.0rc1
2024-01-03T22:25:41.289695+00:00	Arch Linux Importer	Fixing	VCID-s65w-d57a-aaap	https://security.archlinux.org/AVG-1148	34.0.0rc1
2024-01-03T22:25:41.263584+00:00	Arch Linux Importer	Fixing	VCID-emz6-q5rr-aaaj	https://security.archlinux.org/AVG-1148	34.0.0rc1
2024-01-03T22:25:41.237588+00:00	Arch Linux Importer	Fixing	VCID-8btd-mrd4-aaaj	https://security.archlinux.org/AVG-1148	34.0.0rc1
2024-01-03T22:25:41.211579+00:00	Arch Linux Importer	Fixing	VCID-8hk7-ga1w-aaab	https://security.archlinux.org/AVG-1148	34.0.0rc1
2024-01-03T22:25:41.187479+00:00	Arch Linux Importer	Fixing	VCID-x1ua-dn9s-aaab	https://security.archlinux.org/AVG-1148	34.0.0rc1

2025-03-28T07:44:18.311169+00:00

Arch Linux Importer

Fixing