[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-12406":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":341,"aliases":342,"duplicate_of":9,"upstream":343,"downstream":344,"duplicates":403,"related":404,"reserved_at":9,"published_at":416,"modified_at":417,"state":418,"summary":419,"references_raw":428,"kevs":455,"epss":456,"epss_history":459,"metrics":718,"affected":729},"CVE-2020-12406","Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003C 68.9.0, Firefox \u003C 77, and Firefox ESR \u003C 68.9.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-345","Insufficient Verification of Data Authenticity","The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.","weakness","Draft","Class",[19,23,76,88,109,113,117,121,125,129,133,337],{"id":20,"name":21,"techniques":22},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":24,"name":25,"techniques":26},"CAPEC-141","Cache Poisoning",[27],{"id":28,"name":29,"tactics":30,"countermeasures":37},"T1557.002","ARP Cache Poisoning",[31,34],{"id":32,"name":33},"TA0031","Credential Access",{"id":35,"name":36},"TA0100","Collection",[38,43,47,51,55,59,63,67,71],{"id":39,"name":40,"tactic":41},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":42},"Detect",{"id":44,"name":45,"tactic":46},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":42},{"id":48,"name":49,"tactic":50},"D3-CSPP","Client-server Payload Profiling",{"name":42},{"id":52,"name":53,"tactic":54},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":42},{"id":56,"name":57,"tactic":58},"D3-NTSA","Network Traffic Signature Analysis",{"name":42},{"id":60,"name":61,"tactic":62},"D3-APCA","Application Protocol Command Analysis",{"name":42},{"id":64,"name":65,"tactic":66},"D3-NTCD","Network Traffic Community Deviation",{"name":42},{"id":68,"name":69,"tactic":70},"D3-RTSD","Remote Terminal Session Detection",{"name":42},{"id":72,"name":73,"tactic":74},"D3-NTF","Network Traffic Filtering",{"name":75},"Isolate",{"id":77,"name":78,"techniques":79},"CAPEC-142","DNS Cache Poisoning",[80],{"id":81,"name":82,"tactics":83,"countermeasures":87},"T1584.002","DNS Server",[84],{"id":85,"name":86},"TA0042","Resource Development",[],{"id":89,"name":90,"techniques":91},"CAPEC-148","Content Spoofing",[92],{"id":93,"name":94,"tactics":95,"countermeasures":99},"T1491","Defacement",[96],{"id":97,"name":98},"TA0105","Impact",[100,105],{"id":101,"name":102,"tactic":103},"D3-DNR","Decoy Network Resource",{"name":104},"Deceive",{"id":106,"name":107,"tactic":108},"D3-NRAM","Network Resource Access Mediation",{"name":75},{"id":110,"name":111,"techniques":112},"CAPEC-218","Spoofing of UDDI/ebXML Messages",[],{"id":114,"name":115,"techniques":116},"CAPEC-384","Application API Message Manipulation via Man-in-the-Middle",[],{"id":118,"name":119,"techniques":120},"CAPEC-385","Transaction or Event Tampering via Application API Manipulation",[],{"id":122,"name":123,"techniques":124},"CAPEC-386","Application API Navigation Remapping",[],{"id":126,"name":127,"techniques":128},"CAPEC-387","Navigation Remapping To Propagate Malicious Content",[],{"id":130,"name":131,"techniques":132},"CAPEC-388","Application API Button Hijacking",[],{"id":134,"name":135,"techniques":136},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[137,173,213],{"id":138,"name":139,"tactics":140,"countermeasures":147},"T1211","Exploitation for Stealth",[141,144],{"id":142,"name":143},"TA0030","Defense Evasion",{"id":145,"name":146},"TA0005","Stealth",[148,152,156,160,165,169],{"id":149,"name":150,"tactic":151},"D3-MBT","Memory Boundary Tracking",{"name":42},{"id":153,"name":154,"tactic":155},"D3-PCSV","Process Code Segment Verification",{"name":42},{"id":157,"name":158,"tactic":159},"D3-SSC","Shadow Stack Comparisons",{"name":42},{"id":161,"name":162,"tactic":163},"D3-PSEP","Process Segment Execution Prevention",{"name":164},"Harden",{"id":166,"name":167,"tactic":168},"D3-SAOR","Segment Address Offset Randomization",{"name":164},{"id":170,"name":171,"tactic":172},"D3-SFCV","Stack Frame Canary Validation",{"name":164},{"id":174,"name":175,"tactics":176,"countermeasures":182},"T1542.002","Component Firmware",[177,178,179],{"id":142,"name":143},{"id":145,"name":146},{"id":180,"name":181},"TA0110","Persistence",[183,188,192,196,200,204,208],{"id":184,"name":185,"tactic":186},"D3-SWI","Software Inventory",{"name":187},"Model",{"id":189,"name":190,"tactic":191},"D3-AVE","Asset Vulnerability Enumeration",{"name":187},{"id":193,"name":194,"tactic":195},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":42},{"id":197,"name":198,"tactic":199},"D3-FV","Firmware Verification",{"name":42},{"id":201,"name":202,"tactic":203},"D3-FBA","Firmware Behavior Analysis",{"name":42},{"id":205,"name":206,"tactic":207},"D3-SU","Software Update",{"name":164},{"id":209,"name":210,"tactic":211},"D3-RS","Restore Software",{"name":212},"Restore",{"id":214,"name":215,"tactics":216,"countermeasures":223},"T1556","Modify Authentication Process",[217,218,221,222],{"id":142,"name":143},{"id":219,"name":220},"TA0112","Defense Impairment",{"id":180,"name":181},{"id":32,"name":33},[224,228,232,236,240,244,248,252,256,260,265,269,273,277,281,285,289,293,297,301,305,309,313,317,321,325,329,333],{"id":225,"name":226,"tactic":227},"D3-CI","Configuration Inventory",{"name":187},{"id":229,"name":230,"tactic":231},"D3-NTPM","Network Traffic Policy Mapping",{"name":187},{"id":233,"name":234,"tactic":235},"D3-AM","Access Modeling",{"name":187},{"id":237,"name":238,"tactic":239},"D3-FA","File Analysis",{"name":42},{"id":241,"name":242,"tactic":243},"D3-FIM","File Integrity Monitoring",{"name":42},{"id":245,"name":246,"tactic":247},"D3-PLA","Process Lineage Analysis",{"name":42},{"id":249,"name":250,"tactic":251},"D3-PSMD","Process Self-Modification Detection",{"name":42},{"id":253,"name":254,"tactic":255},"D3-PSA","Process Spawn Analysis",{"name":42},{"id":257,"name":258,"tactic":259},"D3-SFA","System File Analysis",{"name":42},{"id":261,"name":262,"tactic":263},"D3-FEV","File Eviction",{"name":264},"Evict",{"id":266,"name":267,"tactic":268},"D3-PT","Process Termination",{"name":264},{"id":270,"name":271,"tactic":272},"D3-PS","Process Suspension",{"name":264},{"id":274,"name":275,"tactic":276},"D3-HR","Host Reboot",{"name":264},{"id":278,"name":279,"tactic":280},"D3-HS","Host Shutdown",{"name":264},{"id":282,"name":283,"tactic":284},"D3-DF","Decoy File",{"name":104},{"id":286,"name":287,"tactic":288},"D3-FE","File Encryption",{"name":164},{"id":290,"name":291,"tactic":292},"D3-RF","Restore File",{"name":212},{"id":294,"name":295,"tactic":296},"D3-RC","Restore Configuration",{"name":212},{"id":298,"name":299,"tactic":300},"D3-CF","Content Filtering",{"name":75},{"id":302,"name":303,"tactic":304},"D3-LFP","Local File Permissions",{"name":75},{"id":306,"name":307,"tactic":308},"D3-RFAM","Remote File Access Mediation",{"name":75},{"id":310,"name":311,"tactic":312},"D3-CQ","Content Quarantine",{"name":75},{"id":314,"name":315,"tactic":316},"D3-CM","Content Modification",{"name":75},{"id":318,"name":319,"tactic":320},"D3-KBPI","Kernel-based Process Isolation",{"name":75},{"id":322,"name":323,"tactic":324},"D3-SCF","System Call Filtering",{"name":75},{"id":326,"name":327,"tactic":328},"D3-HBPI","Hardware-based Process Isolation",{"name":75},{"id":330,"name":331,"tactic":332},"D3-ABPI","Application-based Process Isolation",{"name":75},{"id":334,"name":335,"tactic":336},"D3-WSAM","Web Session Access Mediation",{"name":75},{"id":338,"name":339,"techniques":340},"CAPEC-701","Browser in the Middle (BiTM)",[],[],[],[],[345,347,349,351,353,355,357,359,361,363,365,367,369,371,373,375,377,379,381,383,385,387,389,391,393,395,397,399,401],{"_key":346},"SUSE-SU-2020:14389-1",{"_key":348},"RHSA-2020:2378",{"_key":350},"RHSA-2020:2379",{"_key":352},"RHSA-2020:2380",{"_key":354},"RHSA-2020:2381",{"_key":356},"RHSA-2020:2382",{"_key":358},"RHSA-2020:2611",{"_key":360},"RHSA-2020:2613",{"_key":362},"RHSA-2020:2614",{"_key":364},"RHSA-2020:2615",{"_key":366},"RHSA-2020:2616",{"_key":368},"OPENSUSE-SU-2024:10601-1",{"_key":370},"SUSE-SU-2020:1556-1",{"_key":372},"SUSE-SU-2020:1563-1",{"_key":374},"SUSE-SU-2020:1591-1",{"_key":376},"SUSE-SU-2020:1591-2",{"_key":378},"OPENSUSE-SU-2020:0789-1",{"_key":380},"OPENSUSE-SU-2020:0799-1",{"_key":382},"OPENSUSE-SU-2024:10600-1",{"_key":384},"OPENSUSE-SU-2024:14572-1",{"_key":386},"DLA-2243-1",{"_key":388},"DLA-2247-1",{"_key":390},"DSA-4695-1",{"_key":392},"DSA-4702-1",{"_key":394},"MGASA-2020-0300",{"_key":396},"UBUNTU-CVE-2020-12406",{"_key":398},"USN-4383-1",{"_key":400},"USN-4421-1",{"_key":402},"DEBIAN-CVE-2020-12406",[],[405,406,407,408,409,410,411,412,413,414,415],{"_key":346},{"_key":368},{"_key":370},{"_key":372},{"_key":374},{"_key":376},{"_key":378},{"_key":380},{"_key":382},{"_key":384},{"_key":394},"2020-07-09T14:45:21.000Z","2024-08-04T11:56:51.745Z","Modified",{"cisa_kev":420,"cisa_ransomware":420,"cisa_vendor":9,"epss_severity":421,"epss_score":422,"severity":423,"severity_score":424,"severity_version":425,"severity_source":426,"severity_vector":427,"severity_status":418},false,"low",0.0025,"high",9.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:C/I:C/A:C",[429,436,440,444,449],{"url":430,"sources":431,"tags":433},"https://www.mozilla.org/security/advisories/mfsa2020-20/",[432,426],"cve.org",[434,435],"X Refsource MISC","Vendor Advisory",{"url":437,"sources":438,"tags":439},"https://www.mozilla.org/security/advisories/mfsa2020-21/",[432,426],[434,435],{"url":441,"sources":442,"tags":443},"https://www.mozilla.org/security/advisories/mfsa2020-22/",[432,426],[434,435],{"url":445,"sources":446,"tags":447},"https://bugzilla.mozilla.org/show_bug.cgi?id=1639590",[432,426],[434,448,435],"Issue Tracking",{"url":450,"sources":451,"tags":452},"https://usn.ubuntu.com/4421-1/",[432,426],[435,453,454],"X Refsource UBUNTU","Third Party Advisory",[],{"date":457,"score":422,"percentile":458},"2026-06-04",0.48587,[460,464,467,470,473,476,479,482,485,488,491,494,497,500,502,506,509,512,515,518,520,523,526,529,532,535,538,541,544,547,550,553,555,558,561,563,565,568,571,574,577,580,583,586,589,592,595,598,601,603,606,609,612,615,619,622,625,627,630,633,636,639,642,645,647,650,653,656,659,662,665,668,670,672,675,678,680,683,686,688,690,693,696,699,702,705,708,711,713,715],{"date":461,"score":462,"percentile":463},"2025-11-04",0.00355,0.57149,{"date":465,"score":462,"percentile":466},"2025-11-05",0.57129,{"date":468,"score":462,"percentile":469},"2025-11-06",0.5713,{"date":471,"score":462,"percentile":472},"2025-11-07",0.57144,{"date":474,"score":462,"percentile":475},"2025-11-08",0.57148,{"date":477,"score":462,"percentile":478},"2025-11-09",0.57135,{"date":480,"score":462,"percentile":481},"2025-11-10",0.57111,{"date":483,"score":462,"percentile":484},"2025-11-11",0.57123,{"date":486,"score":462,"percentile":487},"2025-11-12",0.57146,{"date":489,"score":462,"percentile":490},"2025-11-13",0.57151,{"date":492,"score":462,"percentile":493},"2025-11-14",0.57153,{"date":495,"score":462,"percentile":496},"2025-11-15",0.57143,{"date":498,"score":462,"percentile":499},"2025-11-16",0.57127,{"date":501,"score":462,"percentile":484},"2025-11-17",{"date":503,"score":504,"percentile":505},"2025-11-18",0.00322,0.52238,{"date":507,"score":504,"percentile":508},"2025-11-19",0.5225,{"date":510,"score":504,"percentile":511},"2025-11-20",0.52239,{"date":513,"score":462,"percentile":514},"2025-11-21",0.57142,{"date":516,"score":462,"percentile":517},"2025-11-22",0.57137,{"date":519,"score":462,"percentile":481},"2025-11-23",{"date":521,"score":462,"percentile":522},"2025-11-24",0.57103,{"date":524,"score":462,"percentile":525},"2025-11-25",0.57106,{"date":527,"score":462,"percentile":528},"2025-11-26",0.57109,{"date":530,"score":462,"percentile":531},"2025-11-27",0.5711,{"date":533,"score":462,"percentile":534},"2025-11-28",0.57086,{"date":536,"score":462,"percentile":537},"2025-11-29",0.57074,{"date":539,"score":462,"percentile":540},"2025-11-30",0.57068,{"date":542,"score":462,"percentile":543},"2025-12-01",0.57222,{"date":545,"score":462,"percentile":546},"2025-12-02",0.57238,{"date":548,"score":462,"percentile":549},"2025-12-03",0.57237,{"date":551,"score":462,"percentile":552},"2025-12-04",0.57071,{"date":554,"score":462,"percentile":534},"2025-12-05",{"date":556,"score":462,"percentile":557},"2025-12-06",0.57085,{"date":559,"score":462,"percentile":560},"2025-12-07",0.57082,{"date":562,"score":462,"percentile":557},"2025-12-08",{"date":564,"score":462,"percentile":531},"2025-12-09",{"date":566,"score":462,"percentile":567},"2025-12-10",0.57165,{"date":569,"score":462,"percentile":570},"2025-12-11",0.5719,{"date":572,"score":462,"percentile":573},"2025-12-12",0.57214,{"date":575,"score":462,"percentile":576},"2025-12-13",0.57211,{"date":578,"score":462,"percentile":579},"2025-12-14",0.57212,{"date":581,"score":462,"percentile":582},"2025-12-15",0.57196,{"date":584,"score":462,"percentile":585},"2025-12-16",0.57209,{"date":587,"score":462,"percentile":588},"2025-12-17",0.57224,{"date":590,"score":462,"percentile":591},"2025-12-18",0.57259,{"date":593,"score":462,"percentile":594},"2025-12-19",0.57266,{"date":596,"score":462,"percentile":597},"2025-12-20",0.57262,{"date":599,"score":462,"percentile":600},"2025-12-21",0.57243,{"date":602,"score":462,"percentile":588},"2025-12-22",{"date":604,"score":462,"percentile":605},"2025-12-23",0.57231,{"date":607,"score":462,"percentile":608},"2025-12-24",0.57242,{"date":610,"score":462,"percentile":611},"2025-12-25",0.57288,{"date":613,"score":462,"percentile":614},"2025-12-26",0.57282,{"date":616,"score":617,"percentile":618},"2025-12-27",0.00342,0.56423,{"date":620,"score":462,"percentile":621},"2025-12-28",0.57253,{"date":623,"score":462,"percentile":624},"2025-12-29",0.57244,{"date":626,"score":462,"percentile":624},"2025-12-30",{"date":628,"score":462,"percentile":629},"2025-12-31",0.57279,{"date":631,"score":462,"percentile":632},"2026-01-01",0.57445,{"date":634,"score":462,"percentile":635},"2026-01-02",0.57427,{"date":637,"score":462,"percentile":638},"2026-01-03",0.57424,{"date":640,"score":462,"percentile":641},"2026-01-04",0.57252,{"date":643,"score":462,"percentile":644},"2026-01-05",0.57241,{"date":646,"score":462,"percentile":641},"2026-01-06",{"date":648,"score":462,"percentile":649},"2026-01-07",0.57277,{"date":651,"score":462,"percentile":652},"2026-01-08",0.57298,{"date":654,"score":462,"percentile":655},"2026-01-09",0.57301,{"date":657,"score":462,"percentile":658},"2026-01-10",0.57299,{"date":660,"score":462,"percentile":661},"2026-01-11",0.57283,{"date":663,"score":462,"percentile":664},"2026-01-12",0.57248,{"date":666,"score":462,"percentile":667},"2026-01-13",0.57219,{"date":669,"score":462,"percentile":597},"2026-01-14",{"date":671,"score":462,"percentile":594},"2026-01-15",{"date":673,"score":462,"percentile":674},"2026-01-16",0.57292,{"date":676,"score":462,"percentile":677},"2026-01-17",0.57281,{"date":679,"score":462,"percentile":614},"2026-01-18",{"date":681,"score":462,"percentile":682},"2026-01-19",0.5727,{"date":684,"score":462,"percentile":685},"2026-01-20",0.57274,{"date":687,"score":462,"percentile":614},"2026-01-21",{"date":689,"score":462,"percentile":677},"2026-01-22",{"date":691,"score":462,"percentile":692},"2026-01-23",0.57319,{"date":694,"score":462,"percentile":695},"2026-01-24",0.57324,{"date":697,"score":462,"percentile":698},"2026-01-25",0.57289,{"date":700,"score":462,"percentile":701},"2026-01-26",0.57276,{"date":703,"score":462,"percentile":704},"2026-01-27",0.57286,{"date":706,"score":462,"percentile":707},"2026-01-28",0.57295,{"date":709,"score":462,"percentile":710},"2026-01-29",0.57296,{"date":712,"score":462,"percentile":710},"2026-01-30",{"date":714,"score":462,"percentile":652},"2026-01-31",{"date":716,"score":462,"percentile":717},"2026-02-01",0.57437,[719],{"source":426,"cvss_v2_0":720,"cvss_v3_0":9,"cvss_v3_1":723,"cvss_v4_0":9},{"baseScore":424,"baseSeverity":9,"vectorString":427,"impactScore":721,"exploitabilityScore":722},10,8.6,{"baseScore":724,"baseSeverity":725,"vectorString":726,"impactScore":727,"exploitabilityScore":728},8.8,"HIGH","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",9.8,7.2,[730,745,761,771],{"ecosystem":9,"name":731,"vendor":732,"product":733,"cpe_part":734,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":735},"ubuntu linux","canonical","ubuntu_linux","o",[736,739,741,743],{"version":737,"is_range":420,"range_type":738,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04","cpe",{"version":740,"is_range":420,"range_type":738,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":742,"is_range":420,"range_type":738,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.10",{"version":744,"is_range":420,"range_type":738,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.04",{"ecosystem":9,"name":746,"vendor":747,"product":748,"cpe_part":749,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":750},"Firefox","mozilla","firefox","a",[751,756],{"version":752,"is_range":753,"range_type":738,"version_start":9,"version_start_type":9,"version_end":754,"version_end_type":755,"fixed_in":9},"lt77.0",true,"77.0","excluding",{"version":757,"is_range":753,"range_type":432,"version_start":758,"version_start_type":759,"version_end":760,"version_end_type":755,"fixed_in":9},">= unspecified, \u003C 77","unspecified","including","77",{"ecosystem":9,"name":762,"vendor":747,"product":763,"cpe_part":749,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":764},"firefox esr","firefox_esr",[765,768],{"version":766,"is_range":753,"range_type":738,"version_start":9,"version_start_type":9,"version_end":767,"version_end_type":755,"fixed_in":9},"lt68.9.0","68.9.0",{"version":769,"is_range":753,"range_type":432,"version_start":758,"version_start_type":759,"version_end":770,"version_end_type":755,"fixed_in":9},">= unspecified, \u003C 68.9","68.9",{"ecosystem":9,"name":772,"vendor":747,"product":773,"cpe_part":749,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":774},"Thunderbird","thunderbird",[775,776],{"version":766,"is_range":753,"range_type":738,"version_start":9,"version_start_type":9,"version_end":767,"version_end_type":755,"fixed_in":9},{"version":777,"is_range":753,"range_type":432,"version_start":758,"version_start_type":759,"version_end":767,"version_end_type":755,"fixed_in":9},">= unspecified, \u003C 68.9.0"]