{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T00:39:31.251","vulnerabilities":[{"cve":{"id":"CVE-2020-12406","sourceIdentifier":"security@mozilla.org","published":"2020-07-09T15:15:11.020","lastModified":"2024-11-21T04:59:39.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9."},{"lang":"es","value":"El desarrollador de Mozilla, Iain Ireland, detectó una falta de un tipo comprobación durante la eliminación de objetos sin caja, resultando en un bloqueo. Presumimos que con un esfuerzo suficiente podría ser explotado para ejecutar código arbitrario. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 68.9.0, Firefox versiones anteriores a 77 y Firefox ESR versiones anteriores a 68.9"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"77.0","matchCriteriaId":"953DA746-3B0F-4926-B859-CA94CD65E4F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","versionEndExcluding":"68.9.0","matchCriteriaId":"7113E7DB-1A88-4F93-AC2E-26DD06078EE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","versionEndExcluding":"68.9.0","matchCriteriaId":"A5275EC9-3455-4BAE-A71E-13205D5123E6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","matchCriteriaId":"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","matchCriteriaId":"A31C8344-3E02-4EB8-8BD8-4C84B7959624"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","matchCriteriaId":"902B8056-9E37-443B-8905-8AA93E2447FB"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1639590","source":"security@mozilla.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://usn.ubuntu.com/4421-1/","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-20/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-21/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-22/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1639590","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://usn.ubuntu.com/4421-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-20/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-21/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2020-22/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}