Search CVE reports

381 – 390 of 893 results

Detailed view

Sort by:

CVE-2023-25751

Medium priority

Some fixes available 9 of 17

Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox...

8 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Fixed	Fixed	Fixed
mozjs102	Not affected	Fixed	Not in release	Not in release

CVE-2023-25750

Medium priority

Some fixes available 2 of 11

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111.

7 affected packages

firefox, thunderbird, mozjs78, mozjs38, mozjs52...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
thunderbird	Not affected	Not affected	Not in release	Ignored
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs91	—	Ignored	Not in release	Not in release

CVE-2019-17003

Medium priority

Not affected

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	Not affected	Not in release	Ignored
mozjs38	—	Not in release	Not in release	Not affected
mozjs52	—	Not in release	Not affected	Not affected
mozjs68	—	Not in release	Not affected	Not in release
mozjs78	—	Not affected	Not in release	Not in release
mozjs91	—	Not affected	Not in release	Not in release
thunderbird	—	Not affected	Not in release	Ignored

CVE-2023-25745

Medium priority

Some fixes available 2 of 11

Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

7 affected packages

mozjs78, firefox, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs78	Not in release	Ignored	Not in release	Not in release
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Ignored

CVE-2023-25744

Medium priority

Some fixes available 2 of 11

Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

7 affected packages

firefox, mozjs68, mozjs78, mozjs91, thunderbird...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs68	—	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Ignored
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored

CVE-2023-25742

Medium priority

Some fixes available 6 of 14

When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Fixed	Fixed	Fixed

CVE-2023-25741

Medium priority

Some fixes available 2 of 11

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Ignored

CVE-2023-25739

Medium priority

Some fixes available 9 of 17

Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and...

8 affected packages

firefox, mozjs102, mozjs38, mozjs52, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs102	Not affected	Fixed	Not in release	Not in release
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Fixed	Fixed	Fixed

CVE-2023-25737

Medium priority

Some fixes available 6 of 14

An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Fixed	Fixed	Fixed

CVE-2023-25736

Medium priority

Some fixes available 2 of 11

An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to undefined behavior. This vulnerability affects Firefox < 110.

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	Not affected	Not affected	Fixed	Fixed
mozjs38	—	Not in release	Not in release	Ignored
mozjs52	—	Not in release	Ignored	Ignored
mozjs68	—	Not in release	Ignored	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release
mozjs91	—	Ignored	Not in release	Not in release
thunderbird	Not affected	Not affected	Not in release	Ignored

Export to JSON

Results by page: