94 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
Cross-compartment wrappers used to wrap a scripted proxy might have caused objects from other compartments to be stored in the main compartment, resulting in a “use-after-free” error after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
Cross-compartment wrappers used to wrap a scripted proxy might have caused objects from other compartments to be stored in the main compartment, resulting in a “use-after-free” vulnerability. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...
EUVD-2023-29642
Malicious code in bioql PyPI...
Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1181)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1201)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : thunderbird (RHSA-2023:4062)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4062 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115,...
Rocky Linux 8 : thunderbird (RLSA-2023:4063)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4063 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115,...
Amazon Linux 2 : firefox (ALASFIREFOX-2023-001)
The version of firefox installed on the remote host is prior to 102.13.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-001 advisory. An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This...
OESA-2023-1671 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: An attacke...
Rocky Linux 8 : firefox (RLSA-2023:4076)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4076 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115,...
Use After Free
Firefox is vulnerable to Use After Free. The vulnerability exists because the cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free...
Amazon Linux 2 : thunderbird (ALAS-2023-2156)
The version of thunderbird installed on the remote host is prior to 102.13.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2156 advisory. An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This...
Updated firefox/nss packages fix security vulnerability
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS CVE-2023-37201. Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free in...
Rocky Linux 9 : firefox (RLSA-2023:4071)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4071 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115,...
Oracle Linux 7 : thunderbird (ELSA-2023-4062)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4062 advisory. 102.13.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.13.0-2 - Update to...
Oracle Linux 9 : thunderbird (ELSA-2023-4064)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4064 advisory. 102.13.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.13.0-2 - Update to 102.13.0 build2 102.13.0-...
AlmaLinux 8 : thunderbird (ALSA-2023:4063)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4063 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...
AlmaLinux 9 : firefox (ALSA-2023:4071)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4071 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...
Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey
The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free...
Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey
The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free...