Search CVE reports
1281 – 1290 of 2343 results
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR <...
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| thunderbird | — | — | — | Fixed |
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer,...
3 affected packages
firefox, thunderbird, nss
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| thunderbird | — | — | — | Fixed |
| nss | — | — | — | Fixed |
Some fixes available 14 of 16
A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability...
3 affected packages
firefox, mozjs38, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| mozjs38 | — | — | — | Not affected |
| thunderbird | — | — | — | Fixed |
Some fixes available 14 of 16
A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability...
3 affected packages
firefox, mozjs38, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| mozjs38 | — | — | — | Not affected |
| thunderbird | — | — | — | Fixed |
Some fixes available 14 of 16
When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3,...
3 affected packages
firefox, mozjs38, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| mozjs38 | — | — | — | Not affected |
| thunderbird | — | — | — | Fixed |
Some fixes available 14 of 16
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when...
3 affected packages
firefox, mozjs38, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| mozjs38 | — | — | — | Not affected |
| thunderbird | — | — | — | Fixed |
Some fixes available 14 of 16
A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This...
3 affected packages
firefox, mozjs38, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| mozjs38 | — | — | — | Not affected |
| thunderbird | — | — | — | Fixed |
Some fixes available 14 of 16
A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird <...
3 affected packages
firefox, thunderbird, mozjs38
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| thunderbird | — | — | — | Fixed |
| mozjs38 | — | — | — | Not affected |
Some fixes available 14 of 16
A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability...
3 affected packages
firefox, mozjs38, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | Fixed |
| mozjs38 | — | — | — | Not affected |
| thunderbird | — | — | — | Fixed |
Some fixes available 34 of 37
On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This...
3 affected packages
firefox, thunderbird, mozjs38
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Fixed | Fixed |
| thunderbird | Fixed | Fixed | Fixed | Fixed |
| mozjs38 | Not in release | Not in release | Not in release | Ignored |