Search CVE reports

Toggle filters

31 – 40 of 83 results

CVE-2021-29946

Medium priority

Some fixes available 21 of 33

Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird <...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-29945

Medium priority

Some fixes available 21 of 33

The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-24002

Medium priority

Some fixes available 21 of 33

When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-23999

Medium priority

Some fixes available 21 of 33

If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-23998

Medium priority

Some fixes available 21 of 33

Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-23995

Medium priority

Some fixes available 21 of 33

When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR <...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-23994

Medium priority

Some fixes available 21 of 33

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-23987

Medium priority

Some fixes available 21 of 33

Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-23984

Medium priority

Some fixes available 21 of 33

A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website...

7 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 7 packages Show less packages

CVE-2021-23978

Medium priority

Some fixes available 14 of 26

Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

8 affected packages

firefox, firefox-esr, mozjs38, mozjs52, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Fixed Fixed Fixed Fixed Fixed
firefox-esr Not in release Not in release Not in release Not in release Not in release
mozjs38 Not in release Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
thunderbird Not affected Not affected Fixed Fixed Ignored
Show all 8 packages Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON