Search CVE reports

Toggle filters

611 – 620 of 720 results

CVE-2021-23965

Medium priority

Some fixes available 11 of 23

Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....

6 affected packages

firefox, mozjs38, mozjs52, mozjs60, mozjs68, mozjs78

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
Show less packages

CVE-2021-23964

Medium priority

Some fixes available 21 of 33

Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

7 affected packages

firefox, mozjs38, mozjs52, mozjs60, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages

CVE-2021-23963

Medium priority

Some fixes available 11 of 23

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.

6 affected packages

firefox, mozjs38, mozjs52, mozjs60, mozjs68, mozjs78

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
Show less packages

CVE-2021-23962

Medium priority

Some fixes available 11 of 23

Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85.

6 affected packages

firefox, mozjs38, mozjs52, mozjs60, mozjs68, mozjs78

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
Show less packages

CVE-2021-23961

Medium priority

Some fixes available 21 of 33

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects...

7 affected packages

mozjs78, thunderbird, firefox, mozjs38, mozjs52...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
Show all 7 packages Show less packages

CVE-2021-23960

Medium priority

Some fixes available 21 of 33

Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

8 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show all 8 packages Show less packages

CVE-2021-23958

Medium priority

Some fixes available 11 of 23

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.

6 affected packages

firefox, mozjs38, mozjs52, mozjs60, mozjs68, mozjs78

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
Show less packages

CVE-2021-23956

Medium priority

Some fixes available 11 of 23

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85.

6 affected packages

firefox, mozjs38, mozjs52, mozjs60, mozjs68, mozjs78

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
Show less packages

CVE-2021-23955

Medium priority

Some fixes available 11 of 23

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox < 85.

6 affected packages

firefox, mozjs38, mozjs52, mozjs60, mozjs68, mozjs78

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
Show less packages

CVE-2021-23954

Medium priority

Some fixes available 21 of 33

Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox <...

8 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show all 8 packages Show less packages
  1. Previous page
  2. 60
  3. 61
  4. 62
  5. 63
  6. 64
  7. Next page
Export to JSON