Search CVE reports
341 – 350 of 2489 results
Some fixes available 1 of 11
A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4,...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | — | — |
| mozjs102 | Not in release | Ignored | Ignored | — | — |
| mozjs115 | Not in release | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Not in release | Ignored | — | — |
| thunderbird | Not affected | Not affected | Fixed | — | — |
Some fixes available 1 of 11
Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | — | — |
| mozjs102 | Not in release | Ignored | Ignored | — | — |
| mozjs115 | Not in release | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Not in release | Ignored | — | — |
| thunderbird | Not affected | Not affected | Fixed | — | — |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 143.0.3.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | — | — |
| mozjs102 | Not in release | Ignored | Ignored | — | — |
| mozjs115 | Not in release | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Not in release | Ignored | — | — |
| thunderbird | Not affected | Not affected | Not affected | — | — |
Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143.0.3.
2 affected packages
firefox, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | — | — |
| thunderbird | — | Not affected | Not affected | — | — |
Some fixes available 1 of 11
Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | — | — |
| mozjs102 | Not in release | Ignored | Ignored | — | — |
| mozjs115 | Not in release | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Not in release | Ignored | — | — |
| thunderbird | Not affected | Not affected | Fixed | — | — |
Some fixes available 1 of 11
Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | — | — |
| mozjs102 | Not in release | Ignored | Ignored | — | — |
| mozjs115 | Not in release | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Not in release | Ignored | — | — |
| thunderbird | Not affected | Not affected | Fixed | — | — |
Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143.
2 affected packages
firefox, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | — | — |
| thunderbird | — | Not affected | Not affected | — | — |
Spoofing issue in the Site Permissions component. This vulnerability was fixed in Firefox 143 and Thunderbird 143.
2 affected packages
firefox, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | — | — |
| thunderbird | — | Not affected | Not affected | — | — |
Some fixes available 1 of 11
Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | — | — |
| mozjs102 | Not in release | Ignored | Ignored | — | — |
| mozjs115 | Not in release | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Not in release | Ignored | — | — |
| thunderbird | Not affected | Not affected | Fixed | — | — |
Some fixes available 1 of 11
Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | — | — |
| mozjs102 | Not in release | Ignored | Ignored | — | — |
| mozjs115 | Not in release | Ignored | Not in release | — | — |
| mozjs38 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | — |
| mozjs78 | Not in release | Not in release | Ignored | — | — |
| mozjs91 | Not in release | Not in release | Ignored | — | — |
| thunderbird | Not affected | Not affected | Fixed | — | — |