{"id":"CVE-2020-6821","details":"When reading from areas partially or fully outside the source resource with WebGL's \u003ccode\u003ecopyTexSubImage\u003c/code\u003e method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird \u003c 68.7.0, Firefox ESR \u003c 68.7, and Firefox \u003c 75.","modified":"2026-03-13T07:52:12.359684Z","published":"2020-04-24T16:15:13.510Z","related":["MGASA-2020-0170","SUSE-SU-2020:0971-1","SUSE-SU-2020:0978-1","SUSE-SU-2020:1027-1","SUSE-SU-2020:14339-1","openSUSE-SU-2020:0493-1","openSUSE-SU-2020:0520-1","openSUSE-SU-2020:0544-1","openSUSE-SU-2024:10600-1","openSUSE-SU-2024:10601-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"WEB"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4335-1/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2020-12/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2020-13/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2020-14/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1625404"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-6821.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"75.0"}]},{"events":[{"introduced":"0"},{"fixed":"68.7.0"}]},{"events":[{"introduced":"0"},{"fixed":"68.7.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}