Astra Linux - уязвимость в firefox

A malicious website might have included an iframe with a malformed URI, resulting in a non-exploitable browser crash. This vulnerability affects Firefox versions earlier than 126...

Astra Linux - уязвимость в firefox, thunderbird

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution within the PDF.js context. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

Astra Linux - уязвимость в firefox

Multiple WebRTC threads may have claimed a newly connected audio input, resulting in a use-after-free vulnerability. This vulnerability affects Firefox versions less than 126...

When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126.

...

Linux Distros Unpatched Vulnerability : CVE-2024-4767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disable...

SUSE CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

SUSE CVE-2024-4767

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

SUSE CVE-2024-4769

When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird...

SUSE CVE-2024-4771

A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox 126...

DEBIAN-CVE-2024-4777

Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 126, Firefox ESR...

UBUNTU-CVE-2024-4771

A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox 126...