2020-04-24 15:55:25
mozilla
PUBLISHED
When reading from areas partially or fully outside the source resource with WebGLs copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.