CVE-2020-12395

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-12395

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-12395.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-12395

Downstream

DEBIAN-CVE-2020-12395

DLA-2205-1

DLA-2206-1

DSA-4678-1

DSA-4683-1

RHSA-2020:2031

RHSA-2020:2032

RHSA-2020:2033

RHSA-2020:2036

RHSA-2020:2037

RHSA-2020:2046

RHSA-2020:2047

RHSA-2020:2048

RHSA-2020:2049

RHSA-2020:2050

SUSE-SU-2020:1209-1

SUSE-SU-2020:1218-1

SUSE-SU-2020:1225-1

SUSE-SU-2020:14359-1

UBUNTU-CVE-2020-12395

USN-4353-1

USN-4373-1

openSUSE-SU-2020:0621-1

openSUSE-SU-2020:0643-1

openSUSE-SU-2024:10600-1

openSUSE-SU-2024:10601-1

openSUSE-SU-2024:14572-1

Related

Published

2020-05-26T17:15:10Z

Modified

2025-08-09T20:01:27Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

References

Affected packages