Search CVE reports
1211 – 1220 of 2389 results
Some fixes available 30 of 40
A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled...
5 affected packages
mozjs52, mozjs60, firefox, mozjs38, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mozjs52 | — | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | — | Not in release | Not in release | Not in release | Not in release |
| firefox | — | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Not in release | Ignored |
| thunderbird | — | Fixed | Fixed | Fixed | Fixed |
Some fixes available 30 of 40
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a...
5 affected packages
mozjs52, mozjs38, firefox, mozjs60, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mozjs52 | — | Not in release | Not in release | Ignored | Ignored |
| mozjs38 | — | Not in release | Not in release | Not in release | Ignored |
| firefox | — | Fixed | Fixed | Fixed | Fixed |
| mozjs60 | — | Not in release | Not in release | Not in release | Not in release |
| thunderbird | — | Fixed | Fixed | Fixed | Fixed |
Some fixes available 30 of 40
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered...
5 affected packages
mozjs52, mozjs38, mozjs60, firefox, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mozjs52 | — | Not in release | Not in release | Ignored | Ignored |
| mozjs38 | — | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | — | Not in release | Not in release | Not in release | Not in release |
| firefox | — | Fixed | Fixed | Fixed | Fixed |
| thunderbird | — | Fixed | Fixed | Fixed | Fixed |
Some fixes available 30 of 40
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This...
5 affected packages
mozjs52, firefox, mozjs38, mozjs60, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mozjs52 | — | Not in release | Not in release | Ignored | Ignored |
| firefox | — | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | — | Not in release | Not in release | Not in release | Not in release |
| thunderbird | — | Fixed | Fixed | Fixed | Fixed |
Some fixes available 30 of 40
Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort...
5 affected packages
mozjs52, firefox, mozjs38, mozjs60, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mozjs52 | — | Not in release | Not in release | Ignored | Ignored |
| firefox | — | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | — | Not in release | Not in release | Not in release | Not in release |
| thunderbird | — | Fixed | Fixed | Fixed | Fixed |
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
2 affected packages
chromium-browser, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| thunderbird | — | — | — | — | Fixed |
Some fixes available 29 of 39
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy...
6 affected packages
firefox, firefox-esr, mozjs38, mozjs52, mozjs60, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Fixed | Fixed | Fixed | Fixed |
| firefox-esr | — | Not in release | Not in release | Not in release | Not in release |
| mozjs38 | — | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | — | Not in release | Not in release | Not in release | Not in release |
| thunderbird | — | Fixed | Fixed | Fixed | Fixed |
In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is...
7 affected packages
chromium-browser, firefox, mozjs38, mozjs52, mozjs60...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Not affected |
| firefox | — | — | — | — | Not affected |
| mozjs38 | — | — | — | — | Not affected |
| mozjs52 | — | — | — | — | Not affected |
| mozjs60 | — | — | — | — | Not in release |
| qtwebengine-opensource-src | — | — | — | — | Not affected |
| thunderbird | — | — | — | — | Not affected |
In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...
7 affected packages
chromium-browser, firefox, mozjs38, mozjs52, mozjs60...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Not affected |
| firefox | — | — | — | — | Not affected |
| mozjs38 | — | — | — | — | Not affected |
| mozjs52 | — | — | — | — | Not affected |
| mozjs60 | — | — | — | — | Not in release |
| qtwebengine-opensource-src | — | — | — | — | Not affected |
| thunderbird | — | — | — | — | Not affected |
In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges...
7 affected packages
firefox, mozjs38, chromium-browser, mozjs52, mozjs60...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | — | — | Not affected |
| mozjs38 | — | — | — | — | Not affected |
| chromium-browser | — | — | — | — | Not affected |
| mozjs52 | — | — | — | — | Not affected |
| mozjs60 | — | — | — | — | Not in release |
| qtwebengine-opensource-src | — | — | — | — | Not affected |
| thunderbird | — | — | — | — | Not affected |