CVE-2020-15678

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 81 Thunderbird versions prior to 78.3 Firefox ESR versions prior to 78.3

Description A potential use-after-free issue occurs due to an iterator becoming invalid when recursing through graphical layers while scrolling. This is caused by the function APZCTreeManager::ComputeClippedCompositionBounds not following iterator invalidation rules.

Recommendations For Firefox versions prior to 81, update to version 81 or later. For Thunderbird versions prior to 78.3, update to version 78.3 or later. For Firefox ESR versions prior to 78.3, update to version 78.3 or later.