Search CVE reports

Toggle filters

911 – 920 of 2337 results

CVE-2021-38506

Medium priority

Some fixes available 17 of 27

Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-38504

Medium priority

Some fixes available 17 of 27

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-38503

Medium priority

Some fixes available 17 of 27

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird <...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-16048

Medium priority
Not affected

Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page.

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not in release Not affected
firefox-esr Not in release Not in release
mozjs38 Not in release Not affected
mozjs52 Not affected Not affected
mozjs68 Not affected Not in release
mozjs78 Not in release Not in release
thunderbird Not in release Not affected
Show all 7 packages Show less packages

CVE-2020-21913

Low priority
Fixed

International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.

7 affected packages

firefox, thunderbird, icu, mozjs38, mozjs52...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not in release Not affected
thunderbird Not affected Not in release Not affected
icu Not affected Not affected Fixed
mozjs38 Not in release Not in release Not affected
mozjs52 Not in release Not affected Not affected
mozjs68 Not in release Not affected Not in release
mozjs78 Not affected Not in release Not in release
Show all 7 packages Show less packages

CVE-2021-38493

Medium priority

Some fixes available 12 of 21

Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Fixed Fixed
Show all 7 packages Show less packages

CVE-2021-29991

Medium priority

Some fixes available 11 of 21

Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox < 91.0.1...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Fixed Fixed
Show less packages

CVE-2021-29989

Medium priority

Some fixes available 18 of 27

Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-29988

Medium priority

Some fixes available 18 of 27

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-29987

Medium priority

Some fixes available 11 of 21

After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
thunderbird Not affected Not affected Fixed Fixed
Show less packages
  1. Previous page
  2. 90
  3. 91
  4. 92
  5. 93
  6. 94
  7. Next page
Export to JSON