Search CVE reports

351 – 360 of 893 results

Detailed view

Sort by:

CVE-2023-32211

Medium priority

Some fixes available 10 of 18

A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

8 affected packages

firefox, mozjs78, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Not affected	Fixed	Fixed	Fixed
mozjs102	Not affected	Fixed	Not in release	Not in release

CVE-2023-32210

Medium priority

Some fixes available 2 of 11

Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a...

7 affected packages

firefox, mozjs78, thunderbird, mozjs38, mozjs52...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs78	Not in release	Ignored	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Ignored
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2023-32209

Medium priority

Some fixes available 2 of 11

A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox < 113.

7 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
thunderbird	Not affected	Not affected	Not in release	Ignored
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2023-32208

Medium priority

Some fixes available 2 of 11

Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox < 113.

7 affected packages

firefox, mozjs78, mozjs91, thunderbird, mozjs38...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Ignored
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release

CVE-2023-32207

Medium priority

Some fixes available 7 of 15

A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

7 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
thunderbird	Not affected	Fixed	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2023-32206

Medium priority

Some fixes available 7 of 15

An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

7 affected packages

firefox, mozjs68, mozjs78, thunderbird, mozjs38...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
thunderbird	Not affected	Fixed	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2023-32205

Medium priority

Some fixes available 7 of 15

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and...

7 affected packages

firefox, thunderbird, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
thunderbird	Not affected	Fixed	Fixed	Fixed
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2023-1999

Medium priority

Some fixes available 10 of 26

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out...

8 affected packages

libwebp, firefox, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libwebp	Fixed	Fixed	Fixed	Fixed
firefox	Not affected	Not affected	Not in release	Not affected
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Ignored	Ignored	Not in release	Ignored

CVE-2023-29551

Medium priority

Some fixes available 2 of 11

Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

7 affected packages

firefox, mozjs78, thunderbird, mozjs38, mozjs52...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs78	Not in release	Ignored	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Ignored
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release

CVE-2023-29550

Medium priority

Some fixes available 9 of 17

Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

8 affected packages

firefox, mozjs78, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs38	Not in release	Not in release	Not in release	Ignored
mozjs52	Not in release	Not in release	Ignored	Ignored
mozjs68	Not in release	Not in release	Ignored	Not in release
mozjs91	Not in release	Ignored	Not in release	Not in release
thunderbird	Not affected	Fixed	Fixed	Fixed
mozjs102	Not affected	Fixed	Not in release	Not in release

Export to JSON

Results by page: