Search CVE reports
831 – 840 of 1005 results
Some fixes available 24 of 30
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...
6 affected packages
mozjs52, firefox, firefox-esr, mozjs38, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| firefox-esr | Not in release | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
Some fixes available 24 of 30
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site...
6 affected packages
mozjs52, firefox, firefox-esr, mozjs38, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| firefox-esr | Not in release | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
Some fixes available 12 of 18
A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This...
5 affected packages
mozjs52, firefox, mozjs38, firefox-esr, mozjs60
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| firefox-esr | Not in release | Not in release | Not in release | Not in release |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
6 affected packages
firefox, firefox-esr, mozjs38, mozjs52, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Not in release | Not affected |
| firefox-esr | Not in release | Not in release | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not in release | Not affected |
Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets
5 affected packages
firefox, mozjs38, mozjs52, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Not affected |
| mozjs38 | — | — | — | Not affected |
| mozjs52 | — | — | — | Not affected |
| mozjs60 | — | — | — | Not in release |
| thunderbird | — | — | — | Not affected |
Some fixes available 25 of 34
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1,...
5 affected packages
mozjs38, mozjs52, firefox, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
Some fixes available 25 of 34
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox...
5 affected packages
firefox, mozjs38, mozjs52, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
Some fixes available 13 of 21
Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....
4 affected packages
firefox, mozjs38, mozjs52, mozjs60
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
Some fixes available 25 of 34
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...
5 affected packages
mozjs38, firefox, mozjs52, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
Some fixes available 25 of 34
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does...
5 affected packages
mozjs38, mozjs52, firefox, mozjs60, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| firefox | Fixed | Fixed | Fixed | Fixed |
| mozjs60 | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Fixed | Fixed | Fixed | Fixed |