VulnerableCode Package Details - pkg:alpm/archlinux/thunderbird@68.7.0-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-47ec-jak8-aaab	Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.	CVE-2020-6820
VCID-4hms-r9gj-aaaq	Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.	CVE-2020-6819
VCID-9f6u-dw4a-aaan	Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74.	CVE-2020-6815
VCID-yq28-51ue-aaae	When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.	CVE-2020-6821

Vulnerability

Summary

Aliases

VCID-47ec-jak8-aaab

Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

CVE-2020-6820

VCID-4hms-r9gj-aaaq

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

CVE-2020-6819

VCID-9f6u-dw4a-aaan

Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74.

CVE-2020-6815

VCID-yq28-51ue-aaae

When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.

CVE-2020-6821

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:44:18.740056+00:00	Arch Linux Importer	Fixing	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	36.0.0
2025-03-28T07:44:18.705879+00:00	Arch Linux Importer	Fixing	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	36.0.0
2025-03-28T07:44:18.670800+00:00	Arch Linux Importer	Fixing	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	36.0.0
2025-03-28T07:44:18.637746+00:00	Arch Linux Importer	Fixing	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	36.0.0
2024-09-18T01:59:24.356653+00:00	Arch Linux Importer	Fixing	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	34.0.1
2024-09-18T01:59:24.330739+00:00	Arch Linux Importer	Fixing	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	34.0.1
2024-09-18T01:59:24.302676+00:00	Arch Linux Importer	Fixing	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	34.0.1
2024-09-18T01:59:24.276184+00:00	Arch Linux Importer	Fixing	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	34.0.1
2024-01-09T19:34:35.502422+00:00	Arch Linux Importer	Fixing	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-09T19:34:35.480108+00:00	Arch Linux Importer	Fixing	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-09T19:34:35.458014+00:00	Arch Linux Importer	Fixing	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-09T19:34:35.436037+00:00	Arch Linux Importer	Fixing	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	34.0.0rc2
2024-01-03T22:25:41.742966+00:00	Arch Linux Importer	Fixing	VCID-9f6u-dw4a-aaan	https://security.archlinux.org/AVG-1132	34.0.0rc1
2024-01-03T22:25:41.716765+00:00	Arch Linux Importer	Fixing	VCID-4hms-r9gj-aaaq	https://security.archlinux.org/AVG-1132	34.0.0rc1
2024-01-03T22:25:41.690537+00:00	Arch Linux Importer	Fixing	VCID-47ec-jak8-aaab	https://security.archlinux.org/AVG-1132	34.0.0rc1
2024-01-03T22:25:41.664479+00:00	Arch Linux Importer	Fixing	VCID-yq28-51ue-aaae	https://security.archlinux.org/AVG-1132	34.0.0rc1

2025-03-28T07:44:18.740056+00:00

Arch Linux Importer

Fixing