7 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
When encoding data from an inputStream in xpcom, the size of the input being encoded was not correctly calculated, potentially leading to an out-of-bounds memory write. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
DEBIAN-CVE-2023-25730
A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
SUSE CVE-2023-25737
An invalid downcast from nsTextNode to SVGElement could have lead to undefined behavior. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
UBUNTU-CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
PT-2023-1697 · Mozilla +10 · Thunderbird +11
Name of the Vulnerable Software and Affected Versions: Firefox ESR versions 102.7 and earlier Thunderbird versions prior to 102.8 Description: The issue is related to memory safety bugs, which can lead to memory corruption. With sufficient effort, these bugs could potentially be exploited to...