1430 matches found
Astra Linux – Vulnerability in Firefox
The incorrect object was checked as NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox versions earlier than 123...
Astra Linux – Vulnerability in Firefox and Thunderbird
Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Astra Linux – Vulnerability in Firefox
By using iterative requests, an attacker was able to determine the size of an opaque response, as well as the contents of a Vary header provided by the server. This vulnerability affects Firefox versions earlier than 119...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux – Vulnerability in Firefox and Thunderbird
A type checking bug could have resulted in invalid code being compiled. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...
Astra Linux – Vulnerability in Firefox
GNOME was leaking browser tab titles into system logs. This could potentially expose users’ browsing habits when they are using private tabs. This vulnerability affects Firefox versions earlier than 121...
Astra Linux – Vulnerability in Firefox
Under unusual circumstances, an individual thread may survive the termination of its manager during shutdown. This could lead to a use-after-free condition, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions earlier than 98...
Astra Linux – Vulnerability in Firefox and Thunderbird
Mozilla developers and community members reported memory safety bugs in Firefox 93 and Firefox ESR 91.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability...
Astra Linux – Vulnerability in Firefox and Thunderbird
The WebAssembly JIT might miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
Astra Linux – Vulnerability in Firefox and Thunderbird
When Responsive Design Mode was enabled, it used references to objects that had previously been freed. We assume that with sufficient effort, this could have been exploited to execute arbitrary code. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
Astra Linux – Vulnerability in Firefox
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS using DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...
Astra Linux – Vulnerability in Firefox
When using the Performance API, attackers were able to detect subtle differences between PerformanceEntries, thereby determining whether the target URL had undergone a redirect. This vulnerability affects Firefox 103...
Astra Linux – Vulnerability in Firefox
Memory safety bugs exist in Firefox 119. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 120...
Astra Linux – Vulnerability in Firefox
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 107. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been...
Astra Linux – Vulnerability in Firefox and Thunderbird
When encoding data from an inputStream in xpcom, the size of the input being encoded was not correctly calculated, potentially leading to an out-of-bounds memory write. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Astra Linux – Vulnerability in Firefox
By using XSL Transforms, a malicious webserver could serve a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox versions earlier than 97...
Astra Linux – Vulnerability in Firefox and Thunderbird
When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability, this could have led to an out-of-bounds memory read. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...
Astra Linux – Vulnerability in Firefox
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox versions 123...
Astra Linux – Vulnerability in Thunderbird
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106...
Astra Linux – Vulnerability in Firefox
If an attacker loads a font using FontFace on a background worker, a use-after-free might occur, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions earlier than 107...