Astra Linux - уязвимость в firefox

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

FontFace-Lapse

No d...

MiracleLinux 7 : firefox-128.12.0-1.0.1.el7.AXS7 (AXSA:2025-10426:21)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10426:21 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...

openSUSE 16 Security Update : mozjs128 (openSUSE-SU-2025-20135-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20135-1 advisory. - Update to version 128.14.0 bsc1248162: - CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component - CVE-2025-918...

TencentOS Server 3: firefox (TSSA-2025:0528)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0528 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

EUVD-2017-14506

Malware in sbrugna...

firefox security update

An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

MGASA-2025-0228 Updated thunderbird packages fix vulnerabilities

Use-after-free in FontFaceSet. CVE-2025-6424 The WebCompat WebExtension shipped exposed a persistent UUID. CVE-2025-6425 Incorrect parsing of URLs could have allowed embedding of youtube.com. CVE-2025-6429 Content-Disposition header ignored when a file is included in an embed or object tag...

Linux Distros Unpatched Vulnerability : CVE-2022-45407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.1 MFSA 2025-63 bsc1246664: CVE-2025-8027: JavaScript engine only wrote partial return value to stack bmo1968423 CVE-2025-8028: Large branch table could lead to truncated instruction bmo1971581...

Important: firefox

Issue Overview: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox or tag, potentially making a website vulnerable to a cross-site scripting attack. CVE-2025-6430 Affected Packages: firefox Issue Correction: Run dnf update firefox...

Important: firefox

Issue Overview: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox or tag, potentially making a website vulnerable to a cross-site scripting attack. CVE-2025-6430 Affected Packages: firefox Note: This advisory is applicable to Amazon...

firefox: thunderbird: Use-after-free in FontFaceSet

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to MozillaFirefox 128.12.0 MFSA 2025-23, bsc1244670: CVE-2025-6424: Use-after-free in FontFaceSet CVE-2025-6425: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID CVE-2025-6426: No warning when opening...

SUSE CVE-2017-5402

A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

SUSE CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

CVE-2022-45407

The CVE-2022-45407 entry describes a Firefox vulnerability where loading a font via FontFace() on a background worker could trigger a use-after-free, potentially enabling a crash. Affected product: Mozilla Firefox prior to version 107. Root cause: memory safety issue in handling FontFace() usage ...

CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...