11 matches found
Astra Linux – Vulnerability in Firefox
The z-order of browser windows can be manipulated to hide the fullscreen notifications. This could potentially be used to carry out a spoofing attack. This vulnerability has been fixed in Firefox 135 and Thunderbird 135...
OESA-2025-1108 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed...
firefox: thunderbird: Certificate length was not properly checked
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...
firefox: thunderbird: Certificate length was not properly checked
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...
firefox: thunderbird: Potential opening of private browsing tabs in normal browsing windows
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak...
SUSE CVE-2025-1013
A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...
CVE-2025-1012
A race during concurrent delazification could have led to a use-after-free. This vulnerability affects Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...
CVE-2025-1020
Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 135 and Thunderbird 135...
DEBIAN-CVE-2025-0510
Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability was fixed in Thunderbird 128.7 and Thunderbird 135...
UBUNTU-CVE-2025-1020
Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 135 and Thunderbird 135...
UBUNTU-CVE-2025-1019
The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability was fixed in Firefox 135 and Thunderbird 135...