Search CVE reports

Toggle filters

341 – 349 of 349 results

CVE-2023-32215

Medium priority

Some fixes available 10 of 18

Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10....

8 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-32211

Medium priority

Some fixes available 10 of 18

A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

8 affected packages

firefox, mozjs78, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs78 Not in release Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-29550

Medium priority

Some fixes available 9 of 17

Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

8 affected packages

firefox, mozjs78, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs78 Not in release Ignored Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-29548

Medium priority

Some fixes available 9 of 17

A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.

8 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-29536

Medium priority

Some fixes available 9 of 17

An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects...

8 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-29535

Medium priority

Some fixes available 9 of 17

Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus...

8 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Not in release Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-25751

Medium priority

Some fixes available 9 of 17

Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox...

8 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages

CVE-2023-25739

Medium priority

Some fixes available 9 of 17

Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
Show all 8 packages Show less packages

CVE-2023-25735

Medium priority

Some fixes available 9 of 17

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects...

8 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Ignored
mozjs52 Not in release Ignored Ignored
mozjs68 Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
mozjs91 Ignored Not in release Not in release
thunderbird Not affected Fixed Fixed Fixed
mozjs102 Not affected Fixed Not in release Not in release
Show all 8 packages Show less packages
  1. Previous page
  2. 31
  3. 32
  4. 33
  5. 34
  6. 35
  7. Next page
Export to JSON