CVE-2020-6820 log

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
A use-after-free vulnerability has been found in Firefox before 74.0.1 and Thunderbird before 68.7.0 where, under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. Mozilla is aware of targeted attacks in the wild abusing this flaw.
Group Package Affected Fixed Severity Status Ticket
AVG-1132 thunderbird 68.6.0-2 68.7.0-1 Critical Fixed
AVG-1125 firefox 74.0-2 74.0.1-1 Critical Fixed
Date Advisory Group Package Severity Type
04 Apr 2020 ASA-202004-6 AVG-1125 firefox Critical arbitrary code execution
13 Apr 2020 ASA-202004-12 AVG-1132 thunderbird Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/#CVE-2020-6820
https://bugzilla.mozilla.org/show_bug.cgi?id=1626728