Search CVE reports
321 – 330 of 2652 results
CVE-2023-23598
Medium prioritySome fixes available 9 of 17
Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call...
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Fixed | Ignored |
mozjs38 | — | Not in release | Not in release | Ignored | Not in release |
mozjs52 | — | Not in release | Ignored | Ignored | Not in release |
mozjs68 | — | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | — | Ignored | Not in release | Not in release | Not in release |
thunderbird | Fixed | Fixed | Fixed | Fixed | Ignored |
CVE-2023-23597
Medium prioritySome fixes available 2 of 11
A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the <code>file://</code> context. Given a reliable exploit primitive, this new process could be...
7 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Fixed | Ignored |
mozjs38 | — | Not in release | Not in release | Ignored | Not in release |
mozjs52 | — | Not in release | Ignored | Ignored | Not in release |
mozjs68 | — | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | — | Ignored | Not in release | Not in release | Not in release |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-22466
Medium priorityTokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will...
9 affected packages
firefox, mozjs38, mozjs52, mozjs68, mozjs78...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Ignored | Ignored | Ignored |
mozjs38 | — | Not in release | Not in release | Ignored | Not in release |
mozjs52 | — | Not in release | Ignored | Ignored | Not in release |
mozjs68 | — | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | — | Ignored | Not in release | Not in release | Not in release |
rust-tokio | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
rustc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2022-46885
Medium priorityMozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some...
1 affected packages
firefox
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | Not affected | Fixed | Ignored | Ignored |
CVE-2022-46883
Medium priorityMozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with...
1 affected packages
firefox
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | Not affected | Fixed | Ignored | Ignored |
CVE-2022-46875
Medium priorityThe executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems...
2 affected packages
firefox, thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | Not affected | Not affected | Ignored | Ignored |
thunderbird | — | Not affected | Not affected | Ignored | Ignored |
CVE-2022-40961
Medium priorityDuring startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*....
1 affected packages
firefox
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | Not affected | Not affected | Not affected | Ignored |
CVE-2022-38474
Medium priorityA website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt - it only affects the notification shown...
1 affected packages
firefox
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | Not affected | Not affected | Not affected | Ignored |
CVE-2022-36317
Medium priorityWhen visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>*This bug only affects Firefox for Android. Other operating...
1 affected packages
firefox
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | Not affected | Not affected | Not affected | Ignored |
CVE-2022-36314
Medium prioritySome fixes available 2 of 3
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other...
2 affected packages
firefox, thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | Not affected | Not affected | Not affected | Ignored |
thunderbird | — | Fixed | Fixed | Ignored | Ignored |