Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-2170-1 | firefox-esr security update |
![]() |
DLA-2172-1 | thunderbird security update |
![]() |
DSA-4653-1 | firefox-esr security update |
![]() |
DSA-4656-1 | thunderbird security update |
![]() |
EUVD-2020-27964 | Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1. |
![]() |
USN-4317-1 | Firefox vulnerabilities |
![]() |
USN-4328-1 | Thunderbird vulnerabilities |
![]() |
USN-4335-1 | Thunderbird vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 07 Feb 2025 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
Wed, 14 Aug 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|

Status: PUBLISHED
Assigner: mozilla
Published:
Updated: 2025-07-30T01:45:43.402Z
Reserved: 2020-01-10T00:00:00.000Z
Link: CVE-2020-6820

Updated: 2024-08-04T09:11:05.035Z

Status : Analyzed
Published: 2020-04-24T16:15:13.463
Modified: 2025-03-21T20:01:36.743
Link: CVE-2020-6820


No data.