| CVE-2020-12410 |
High |
Yes |
Arbitrary code execution |
Mozilla developers Tom Tung and Karl Tomlinson reported memory safety bugs present in Firefox 76, Firefox ESR 68.8 and Thunderbird before 68.9.0. Some of... |
| CVE-2020-12406 |
High |
Yes |
Arbitrary code execution |
Mozilla Developer Iain Ireland discovered a missing type check in Firefox before 77.0 and Thunderbird before 68.9.0 during unboxed objects removal,... |
| CVE-2020-12405 |
High |
Yes |
Denial of service |
When browsing a malicious page in Firefox before 77.0 and Thunderbird before 68.9.0, a race condition in our SharedWorkerService could occur and lead to a... |
| CVE-2020-12399 |
High |
Yes |
Private key recovery |
NSS before 3.52.1, as used in Firefox before 77.0 and Thunderbird before 68.9.0, has shown timing differences when performing DSA signatures, which was... |
| CVE-2020-12398 |
High |
Yes |
Man-in-the-middle |
A security downgrade issue has been found in Thunderbird before 68.9.0. If Thunderbird is configured to use STARTTLS for an IMAP server, and the server... |