Mozilla: Out-of-bounds write in PathOps

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: A compromised content process could have provided malicious data in a PathRecording, resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process...

firefox: use-after-free in workers

The Mozilla Foundation Security Advisory describes this flaw as: During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash...

Mozilla: Use-after-free in Ion Compiler

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NULL bytes and cause a potentially exploitable crash...

Denial Of Service (DoS)

firefox-esr is vulnerable to Denial Of Service DoS. An attacker can supply malicious data to PathRecording, causing an out-of-bounds write and potentially leading to an exploitable crash in a privileged process...

Denial Of Service (DoS)

firefox-esr is vulnerable to Denial Of Service DoS. An attacker can supply malicious data to FilterNodeD2D1, causing an out-of-bounds write and potentially leading to an exploitable crash in a privileged process...

Fedora 37 : firefox (2023-7a4026e363)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7a4026e363 advisory. - Updated to latest upstream 118.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

CVE-2023-5172

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 118...

CVE-2023-5169

A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...

CVE-2023-5175

During process shutdown, it was possible that an ImageBitmap was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox 118...

CVE-2023-5171

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...

UBUNTU-CVE-2023-5172

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 118...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:3837-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3837-1 advisory. - A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out- of-bounds write, leading ...

Fedora 38 : firefox (2023-587dc80bb1)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-587dc80bb1 advisory. - Updated to latest upstream 118.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

CVE-2023-5175

During process shutdown, it was possible that an ImageBitmap was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox 118...

CVE-2023-5168

A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects...

CVE-2023-5169

A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...

CVE-2023-5171

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...

CVE-2023-5175

During process shutdown, it was possible that an ImageBitmap was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox 118...

Out-of-bounds

A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects...

Design/Logic Flaw

During process shutdown, it was possible that an ImageBitmap was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox 118...