{"containers": {"cna": {"affected": [{"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "68.7.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "74.0.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "68.6.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1."}], "problemTypes": [{"descriptions": [{"description": "Use-after-free when handling a ReadableStream", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-29T02:07:16", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-14/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-11/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1626728"}, {"name": "USN-4335-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4335-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2020-6820", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "68.7.0"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "74.0.1"}]}}, {"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "68.6.1"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use-after-free when handling a ReadableStream"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2020-14/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-14/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2020-11/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-11/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1626728", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1626728"}, {"name": "USN-4335-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4335-1/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:11:05.035Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-14/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-11/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1626728"}, {"name": "USN-4335-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4335-1/"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2020-6820", "datePublished": "2020-04-24T15:56:04", "dateReserved": "2020-01-10T00:00:00", "dateUpdated": "2024-08-04T09:11:05.035Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"cisaActionDue": "2022-05-03", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Mozilla Firefox And Thunderbird Use-After-Free Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "781555D1-8E31-4BD3-9C51-40D7B43C9130", "versionEndExcluding": "74.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF6BBA3E-8B43-4D39-BE34-9D3E3A6A10CB", "versionEndExcluding": "68.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF7AEB5A-A52E-45E7-AFBF-546C351A4915", "versionEndExcluding": "68.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1."}, {"lang": "es", "value": "Bajo determinadas condiciones, cuando se maneja un ReadableStream, una condici\u00f3n de carrera puede causar un uso de la memoria previamente liberada. Somos conscientes de los ataques dirigidos \"in the wild\" que abusan de este fallo. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 68.7.0, Firefox versiones anteriores a 74.0.1 y Firefox ESR versiones anteriores a 68.6.1."}], "id": "CVE-2020-6820", "lastModified": "2024-11-21T05:36:14.313", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2020-04-24T16:15:13.463", "references": [{"source": "[email protected]", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1626728"}, {"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4335-1/"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-11/"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-14/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1626728"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4335-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-11/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-14/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "[email protected]", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Francisco Alonso and Javier Marcos as the original reporter.", "affected_release": [{"advisory": "RHSA-2020:1339", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "firefox-0:68.6.1-1.el6_10", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2020-04-07T00:00:00Z"}, {"advisory": "RHSA-2020:1488", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "thunderbird-0:68.7.0-1.el6_10", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2020-04-16T00:00:00Z"}, {"advisory": "RHSA-2020:1338", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:68.6.1-1.el7_8", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-04-07T00:00:00Z"}, {"advisory": "RHSA-2020:1489", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:68.7.0-1.el7_8", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-04-16T00:00:00Z"}, {"advisory": "RHSA-2020:1341", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:68.6.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-07T00:00:00Z"}, {"advisory": "RHSA-2020:1495", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:68.7.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-16T00:00:00Z"}, {"advisory": "RHSA-2020:1340", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "firefox-0:68.6.1-1.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-04-07T00:00:00Z"}, {"advisory": "RHSA-2020:1496", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "thunderbird-0:68.7.0-1.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-04-16T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Use-after-free when handling a ReadableStream", "id": "1820878", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820878"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.", "A flaw was found in Mozilla's Firefox. A race condition can occur when handling a ReadableStream causing a use-after-free memory issue. The highest threat from this vulnerability are to data confidentiality and integrity as well as system availability."], "name": "CVE-2020-6820", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2020-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-6820\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-6820\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-11/#CVE-2020-6820\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Critical", "upstream_fix": "firefox 68.6.1, firefox 74.0.1"}