Lucene search
Alpine Linux Development TeamALPINE:CVE-2020-6820HistoryApr 24, 2020 - 4:15 p.m.
CVE-2020-6820
2020-04-2416:15:13
Alpine Linux Development Team
security.alpinelinux.org
19
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.009
Percentile
82.7%
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | firefox-esr | < 68.6.1-r0 | UNKNOWN |
| Alpine | edge-community | noarch | firefox | < 74.0.1-r0 | UNKNOWN |
| Alpine | edge-community | noarch | librewolf | < 74.0.1-r0 | UNKNOWN |
| Alpine | edge-community | noarch | thunderbird | < 68.7.0-r0 | UNKNOWN |
| Alpine | 3.11-community | noarch | firefox-esr | < 68.6.1-r0 | UNKNOWN |
| Alpine | 3.12-community | noarch | firefox-esr | < 68.6.1-r0 | UNKNOWN |
| Alpine | 3.12-community | noarch | firefox | < 74.0.1-r0 | UNKNOWN |
| Alpine | 3.12-community | noarch | mozjs68 | < 68.7.0-r0 | UNKNOWN |
| Alpine | 3.13-community | noarch | firefox-esr | < 68.6.1-r0 | UNKNOWN |
| Alpine | 3.13-community | noarch | firefox | < 74.0.1-r0 | UNKNOWN |
Related
attackerkb
attackerkb
CVE-2020-6820
2020-04-24 00:00:00
redhatcve
redhatcve
CVE-2020-6820
2020-04-04 12:05:29
nvd
nvd
CVE-2020-6820
2020-04-24 16:15:13
ubuntucve
ubuntucve
CVE-2020-6820
2020-04-03 00:00:00
cve
cve
CVE-2020-6820
2020-04-24 16:15:13
ibm
ibm
cisa_kev
cisa_kev
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
2021-11-03 00:00:00
prion
prion
Race condition
2020-04-24 16:15:00
cvelist
cvelist
CVE-2020-6820
2020-04-24 15:56:04
veracode
veracode
Denial Of Service (DoS)
2020-04-08 00:44:28
debiancve
debiancve
CVE-2020-6820
2020-04-24 16:15:13
redhat
redhat
(RHSA-2020:1339) Critical: firefox security update
2020-04-07 07:39:52
(RHSA-2020:1340) Critical: firefox security update
2020-04-07 07:05:11
(RHSA-2020:1338) Critical: firefox security update
2020-04-07 07:45:26
openvas
openvas
Slackware: Security Advisory (SSA:2020-094-01)
2022-04-21 00:00:00
Ubuntu: Security Advisory (USN-4317-1)
2020-04-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:14337-1)
2021-06-09 00:00:00
mageia
mageia
Updated firefox packages fix security vulnerabilities
2020-04-05 20:07:15
Updated thunderbird packages fix security vulnerabilities
2020-04-15 13:12:14
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1 — Mozilla
2020-04-03 00:00:00
Security Vulnerabilities fixed in Thunderbird 68.7.0 — Mozilla
2020-04-09 00:00:00
nessus
nessus
Oracle Linux 8 : firefox (ELSA-2020-1341)
2020-04-10 00:00:00
openSUSE Security Update : MozillaFirefox (openSUSE-2020-461)
2020-04-07 00:00:00
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0928-1)
2020-04-07 00:00:00
oraclelinux
oraclelinux
firefox security update
2020-04-09 00:00:00
firefox security update
2020-04-11 00:00:00
firefox security update
2020-07-07 00:00:00
kaspersky
kaspersky
KLA11712 Multiple vulnerabilities in Mozilla Firefox ESR
2020-04-03 00:00:00
KLA11711 Multiple vulnerabilities in Mozilla Firefox
2020-04-03 00:00:00
KLA11730 Multiple vulnerabilities in Mozilla Thunderbird
2020-04-09 00:00:00
centos
centos
firefox security update
2020-04-08 15:31:17
thunderbird security update
2020-04-30 19:57:02
thunderbird security update
2020-04-28 00:21:12
suse
suse
Security update for MozillaFirefox (critical)
2020-04-06 00:00:00
Security update for MozillaThunderbird (important)
2020-04-15 00:00:00
Security update for MozillaThunderbird (important)
2020-04-23 00:00:00
threatpost
threatpost
Firefox Zero-Day Flaws Exploited in the Wild Get Patched
2020-04-04 13:28:43
debian
debian
[SECURITY] [DSA 4653-1] firefox-esr security update
2020-04-04 15:20:25
[SECURITY] [DLA 2170-1] firefox-esr security update
2020-04-08 11:36:20
[SECURITY] [DLA 2172-1] thunderbird security update
2020-04-14 10:27:34
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 68.6.1-alt1
2020-04-04 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 68.7.0-alt1
2020-04-08 00:00:00
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2020-04-04 00:00:00
archlinux
archlinux
[ASA-202004-6] firefox: arbitrary code execution
2020-04-04 00:00:00
[ASA-202004-12] thunderbird: multiple issues
2020-04-13 00:00:00
osv
osv
firefox-esr - security update
2020-04-04 00:00:00
firefox-esr - security update
2020-04-08 00:00:00
thunderbird - security update
2020-04-14 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2020-04-04 00:00:00
Thunderbird vulnerabilities
2020-04-13 00:00:00
Thunderbird vulnerabilities
2020-04-21 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2020-04-04 00:08:09
amazon
amazon
Critical: thunderbird
2020-05-19 18:32:00
securelist
securelist
IT threat evolution Q2 2020. PC statistics
2020-09-03 10:30:23
googleprojectzero
googleprojectzero
Déjà vu-lnerability
2021-02-03 00:00:00
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.009
Percentile
82.7%
Related for ALPINE:CVE-2020-6820