Search CVE reports
561 – 570 of 2924 results
Rejected reason: Maintainer contacted. This is a false-positive. The flaw does not actually exist and was erroneously tested.
5 affected packages
libpng, libpng1.6, thunderbird, firefox, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpng | — | Not in release | Not in release | Not in release |
| libpng1.6 | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Ignored | Ignored | Not in release | Ignored |
| firefox | Not affected | Not affected | Not in release | Ignored |
| chromium-browser | Not affected | Not affected | Not in release | Ignored |
Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | Not affected | Not in release | Ignored |
| mozjs38 | — | Not in release | Not in release | Not affected |
| mozjs52 | — | Not in release | Not affected | Not affected |
| mozjs68 | — | Not in release | Not affected | Not in release |
| mozjs78 | — | Not affected | Not in release | Not in release |
| mozjs91 | — | Not affected | Not in release | Not in release |
| thunderbird | — | Not affected | Not in release | Ignored |
Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability...
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | Not affected | Not in release | Ignored |
| thunderbird | — | Fixed | Fixed | Fixed |
Some fixes available 2 of 11
Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
7 affected packages
mozjs78, firefox, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| firefox | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not in release | Ignored |
Some fixes available 2 of 11
Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...
7 affected packages
firefox, mozjs68, mozjs78, mozjs91, thunderbird...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Fixed |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not in release | Ignored |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
Some fixes available 6 of 14
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
| thunderbird | Not affected | Fixed | Fixed | Fixed |
Some fixes available 2 of 11
When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled...
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not in release | Ignored |
Some fixes available 9 of 17
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Fixed |
| mozjs102 | Not affected | Fixed | Not in release | Not in release |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
| thunderbird | Not affected | Fixed | Fixed | Fixed |
Some fixes available 6 of 14
An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
| thunderbird | Not affected | Fixed | Fixed | Fixed |
Some fixes available 2 of 11
An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to undefined behavior. This vulnerability affects Firefox < 110.
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not in release | Ignored |