Search CVE reports
741 – 750 of 2389 results
Some fixes available 2 of 11
When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox < 111.
7 affected packages
firefox, mozjs68, mozjs78, mozjs91, thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | Fixed | Fixed |
| mozjs68 | — | — | Not in release | Ignored | Not in release |
| mozjs78 | — | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | — | Ignored | Not in release | Not in release |
| thunderbird | — | Not affected | Not affected | Not in release | Ignored |
| mozjs38 | — | — | Not in release | Not in release | Ignored |
| mozjs52 | — | — | Not in release | Ignored | Ignored |
Some fixes available 6 of 14
When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox <...
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | — | Not in release | Not in release | Ignored |
| mozjs52 | — | — | Not in release | Ignored | Ignored |
| mozjs68 | — | — | Not in release | Ignored | Not in release |
| mozjs78 | — | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | — | Ignored | Not in release | Not in release |
| thunderbird | — | Not affected | Fixed | Fixed | Fixed |
Some fixes available 9 of 17
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox...
8 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | — | Not in release | Not in release | Ignored |
| mozjs52 | — | — | Not in release | Ignored | Ignored |
| mozjs68 | — | — | Not in release | Ignored | Not in release |
| mozjs78 | — | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | — | Ignored | Not in release | Not in release |
| thunderbird | — | Not affected | Fixed | Fixed | Fixed |
| mozjs102 | — | Not affected | Fixed | Not in release | Not in release |
Some fixes available 2 of 11
Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111.
7 affected packages
firefox, thunderbird, mozjs78, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | Fixed | Fixed |
| thunderbird | — | Not affected | Not affected | Not in release | Ignored |
| mozjs78 | — | Not in release | Ignored | Not in release | Not in release |
| mozjs38 | — | — | Not in release | Not in release | Ignored |
| mozjs52 | — | — | Not in release | Ignored | Ignored |
| mozjs68 | — | — | Not in release | Ignored | Not in release |
| mozjs91 | — | — | Ignored | Not in release | Not in release |
Rejected reason: Maintainer contacted. This is a false-positive. The flaw does not actually exist and was erroneously tested.
5 affected packages
libpng, libpng1.6, thunderbird, firefox, chromium-browser
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libpng | — | — | Not in release | Not in release | Not in release |
| libpng1.6 | — | Not affected | Not affected | Not affected | Not affected |
| thunderbird | — | Ignored | Ignored | Not in release | Ignored |
| firefox | — | Not affected | Not affected | Not in release | Ignored |
| chromium-browser | — | Not affected | Not affected | Not in release | Ignored |
If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the...
1 affected package
thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| thunderbird | — | — | Fixed | Fixed | Fixed |
Some fixes available 2 of 3
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME...
1 affected package
thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| thunderbird | — | — | Not affected | Fixed | Fixed |
Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | Not affected | Not in release | Ignored |
| mozjs38 | — | — | Not in release | Not in release | Not affected |
| mozjs52 | — | — | Not in release | Not affected | Not affected |
| mozjs68 | — | — | Not in release | Not affected | Not in release |
| mozjs78 | — | — | Not affected | Not in release | Not in release |
| mozjs91 | — | — | Not affected | Not in release | Not in release |
| thunderbird | — | — | Not affected | Not in release | Ignored |
Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability...
2 affected packages
firefox, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | — | Not affected | Not in release | Ignored |
| thunderbird | — | — | Fixed | Fixed | Fixed |
Some fixes available 2 of 11
Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
7 affected packages
mozjs78, firefox, mozjs38, mozjs52, mozjs68...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mozjs78 | — | Not in release | Ignored | Not in release | Not in release |
| firefox | — | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | — | Not in release | Not in release | Ignored |
| mozjs52 | — | — | Not in release | Ignored | Ignored |
| mozjs68 | — | — | Not in release | Ignored | Not in release |
| mozjs91 | — | — | Ignored | Not in release | Not in release |
| thunderbird | — | Not affected | Not affected | Not in release | Ignored |