VulnerableCode Package Details - pkg:alpm/archlinux/thunderbird@68.6.0-2

Search for packages

Vulnerability	Summary	Fixed by
VCID-47ec-jak8-aaab Aliases: CVE-2020-6820	Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.	68.7.0-1 Affected by 0 other vulnerabilities.
VCID-4hms-r9gj-aaaq Aliases: CVE-2020-6819	Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.	68.7.0-1 Affected by 0 other vulnerabilities.
VCID-9f6u-dw4a-aaan Aliases: CVE-2020-6815	Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74.	68.7.0-1 Affected by 0 other vulnerabilities.
VCID-yq28-51ue-aaae Aliases: CVE-2020-6821	When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.	68.7.0-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-47ec-jak8-aaab
Aliases:
CVE-2020-6820

Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

68.7.0-1
Affected by 0 other vulnerabilities.

VCID-4hms-r9gj-aaaq
Aliases:
CVE-2020-6819

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

68.7.0-1
Affected by 0 other vulnerabilities.

VCID-9f6u-dw4a-aaan
Aliases:
CVE-2020-6815

Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74.

68.7.0-1
Affected by 0 other vulnerabilities.

VCID-yq28-51ue-aaae
Aliases:
CVE-2020-6821

When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

68.7.0-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:44:18.735653+00:00	Arch Linux Importer	Affected by	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	36.0.0
2025-03-28T07:44:18.700745+00:00	Arch Linux Importer	Affected by	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	36.0.0
2025-03-28T07:44:18.665642+00:00	Arch Linux Importer	Affected by	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	36.0.0
2025-03-28T07:44:18.633308+00:00	Arch Linux Importer	Affected by	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	36.0.0
2024-09-18T01:59:24.351831+00:00	Arch Linux Importer	Affected by	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	34.0.1
2024-09-18T01:59:24.325917+00:00	Arch Linux Importer	Affected by	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	34.0.1
2024-09-18T01:59:24.297832+00:00	Arch Linux Importer	Affected by	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	34.0.1
2024-09-18T01:59:24.271327+00:00	Arch Linux Importer	Affected by	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	34.0.1
2024-01-09T19:34:35.497763+00:00	Arch Linux Importer	Affected by	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-09T19:34:35.475308+00:00	Arch Linux Importer	Affected by	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-09T19:34:35.453358+00:00	Arch Linux Importer	Affected by	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-09T19:34:35.431270+00:00	Arch Linux Importer	Affected by	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-03T22:25:41.738068+00:00	Arch Linux Importer	Affected by	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	34.0.0rc1
2024-01-03T22:25:41.711993+00:00	Arch Linux Importer	Affected by	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	34.0.0rc1
2024-01-03T22:25:41.685864+00:00	Arch Linux Importer	Affected by	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	34.0.0rc1
2024-01-03T22:25:41.659579+00:00	Arch Linux Importer	Affected by	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	34.0.0rc1

2025-03-28T07:44:18.735653+00:00

Arch Linux Importer

Affected by

Next non-vulnerable version	68.7.0-1
Latest non-vulnerable version	91.10-1
Risk	10.0