Search CVE reports

471 – 480 of 1943 results

Detailed view

Sort by:

CVE-2021-4129

Low priority

Some fixes available 6 of 7

Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of...

1 affected packages

thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
thunderbird	—	Fixed	Fixed	Fixed	—

CVE-2022-22751

Medium priority

Some fixes available 17 of 27

Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22748

Medium priority

Some fixes available 17 of 27

Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22747

Low priority

Some fixes available 22 of 33

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5,...

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
nss	Not affected	Not affected	Fixed	Fixed	Fixed
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22745

Medium priority

Some fixes available 17 of 27

Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22743

Medium priority

Some fixes available 17 of 27

When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22742

Medium priority

Some fixes available 17 of 27

When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22741

Medium priority

Some fixes available 17 of 27

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22740

Medium priority

Some fixes available 17 of 27

Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox...

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	—
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

CVE-2022-22739

Low priority

Some fixes available 17 of 27

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.

6 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs78, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	Fixed	Fixed	Fixed	Fixed	Ignored
mozjs38	Not in release	Not in release	Not in release	Ignored	Not in release
mozjs52	Not in release	Not in release	Ignored	Ignored	Not in release
mozjs68	Not in release	Not in release	Ignored	Not in release	Not in release
mozjs78	Not in release	Ignored	Not in release	Not in release	Not in release
thunderbird	Fixed	Fixed	Fixed	Fixed	Ignored

Export to JSON

Results by page: