7 matches found
CentOS 8 : thunderbird (CESA-2022:0535)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0535 advisory. - Mozilla: Extensions could have bypassed permission confirmation during update CVE-2022-22754 - Mozilla: Drag and dropping an image could have resulte...
Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption, some of which could...
Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption, some of which could...
Debian DLA-2921-1 : thunderbird - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2921 advisory. - Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed...
CVE-2022-22759
If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox 97, Thunderbird 91.6, and...
UBUNTU-CVE-2022-22759
If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox 97, Thunderbird 91.6, and...
UBUNTU-CVE-2022-22763
When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox 96, Thunderbird 91.6, and Firefox ESR 91.6...