Search CVE reports

Toggle filters

791 – 800 of 1005 results

CVE-2020-12417

Medium priority

Some fixes available 24 of 32

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.*...

7 affected packages

mozjs52, mozjs68, firefox, firefox-esr, mozjs38...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages

CVE-2020-12416

Medium priority

Some fixes available 14 of 23

A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.

6 affected packages

thunderbird, mozjs52, mozjs68, mozjs38, firefox, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
thunderbird Not affected Not affected Fixed Fixed
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Ignored
firefox Fixed Fixed Fixed Fixed
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12415

Medium priority

Some fixes available 14 of 23

When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level...

6 affected packages

thunderbird, mozjs52, mozjs68, mozjs38, mozjs60, firefox

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
thunderbird Not affected Not affected Fixed Fixed
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
firefox Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-12410

Medium priority

Some fixes available 24 of 32

Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

7 affected packages

mozjs52, mozjs68, firefox-esr, firefox, thunderbird...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox-esr Not in release Not in release Not in release Not in release
firefox Fixed Fixed Fixed Fixed
thunderbird Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show all 7 packages Show less packages

CVE-2020-12411

Medium priority

Some fixes available 12 of 20

Mozilla developers reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....

5 affected packages

mozjs52, mozjs68, firefox, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12409

Low priority

Some fixes available 12 of 20

When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox < 77.

5 affected packages

mozjs52, mozjs68, mozjs60, firefox, mozjs38

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
Show less packages

CVE-2020-12408

Low priority

Some fixes available 12 of 20

When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox < 77.

5 affected packages

mozjs52, mozjs68, firefox, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12407

Medium priority

Some fixes available 12 of 20

Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from...

5 affected packages

mozjs52, mozjs68, firefox, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12406

Medium priority

Some fixes available 24 of 32

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects...

6 affected packages

mozjs52, mozjs68, mozjs38, mozjs60, firefox, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
firefox Fixed Fixed Fixed Fixed
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-12405

Medium priority

Some fixes available 24 of 32

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.

6 affected packages

mozjs52, mozjs68, firefox, mozjs38, thunderbird, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
thunderbird Fixed Fixed Fixed Fixed
mozjs60 Not in release Not in release Not in release Not in release
Show less packages
  1. Previous page
  2. 78
  3. 79
  4. 80
  5. 81
  6. 82
  7. Next page
Export to JSON