CVE-2020-26974

EPSS 0.76% · P73 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-26974

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Mozilla Firefox 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 中存在缓冲区错误漏洞。当在表包装器上使用flex-basis时，StyleGenericFlexBasis对象可能会被错误地转换为错误的类型。这将导致堆用户释放、内存损坏和潜在可利用的崩溃。以下产品和版本受到影响：Firefox < 84、Thunderbird < 78.6和Firefox ESR < 78.6

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Mozilla	Firefox	unspecified ~ 84	-
Mozilla	Thunderbird	unspecified ~ 78.6	-
Mozilla	Firefox ESR	unspecified ~ 78.6	-

II. Public POCs for CVE-2020-26974

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-26974

请登录查看更多情报信息。

https://www.mozilla.org/security/advisories/mfsa2020-54/x_refsource_MISC
https://www.mozilla.org/security/advisories/mfsa2020-55/x_refsource_MISC
https://bugzilla.mozilla.org/show_bug.cgi?id=1681022x_refsource_MISC
https://www.mozilla.org/security/advisories/mfsa2020-56/x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-26974

Same Patch Batch · Mozilla · 2021-01-07 · 13 CVEs total

CVE-2020-26971		Mozilla Firefox 缓冲区错误漏洞
CVE-2020-26972		Mozilla Firefox 资源管理错误漏洞
CVE-2020-26973		Mozilla Firefox 安全漏洞
CVE-2020-26975		Mozilla Firefox 安全漏洞
CVE-2020-26976		Mozilla Firefox 安全漏洞
CVE-2020-26977		Mozilla Firefox 安全漏洞
CVE-2020-26978		Mozilla Firefox 信息泄露漏洞
CVE-2020-26979		Mozilla Firefox 输入验证错误漏洞
CVE-2020-35111		Mozilla Firefox 安全漏洞
CVE-2020-35112		Mozilla Firefox 安全漏洞
CVE-2020-35113		Mozilla Firefox 缓冲区错误漏洞
CVE-2020-35114		Mozilla Firefox 缓冲区错误漏洞

IV. Related Vulnerabilities

Same product: Firefox

Same vendor: Mozilla

V. Comments for CVE-2020-26974

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-26974

I. Basic Information for CVE-2020-26974

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-26974

III. Intelligence Information for CVE-2020-26974

Same Patch Batch · Mozilla · 2021-01-07 · 13 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-26974

Leave a comment