Search CVE reports
771 – 780 of 2343 results
Some fixes available 4 of 5
If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. This vulnerability affects Firefox < 106.
2 affected packages
thunderbird, firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | — | Fixed | Fixed | Ignored |
| firefox | — | Not affected | Fixed | Fixed |
If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects...
2 affected packages
thunderbird, firefox
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | — | Fixed | Fixed | Fixed |
| firefox | — | Not affected | Fixed | Fixed |
Some fixes available 6 of 14
Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox <...
7 affected packages
mozjs38, mozjs78, mozjs68, firefox, thunderbird...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozjs38 | Not in release | Not in release | Not in release | Ignored |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| mozjs68 | Not in release | Not in release | Ignored | Not in release |
| firefox | Not affected | Not affected | Fixed | Fixed |
| thunderbird | Not affected | Fixed | Fixed | Fixed |
| mozjs52 | Not in release | Not in release | Ignored | Ignored |
| mozjs91 | Not in release | Ignored | Not in release | Not in release |
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and...
2 affected packages
firefox, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | Not affected | Fixed | Fixed |
| thunderbird | — | Fixed | Fixed | Fixed |
Some fixes available 12 of 102
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
24 affected packages
xmlrpc-c, cableswig, apache2, apr-util, cmake...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cableswig | — | Not in release | Not in release | Not in release |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected |
| expat | Fixed | Fixed | Fixed | Fixed |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| vnc4 | — | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ayttm | — | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| firefox | Not affected | Not affected | Not in release | Ignored |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | — | Not in release | Not in release | Not in release |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| libxmltok | Not affected | Not affected | Not affected | Not affected |
| matanza | Ignored | Ignored | Ignored | Ignored |
| smart | — | Not in release | Not in release | Not affected |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| thunderbird | Ignored | Ignored | Not in release | Ignored |
| vtk | — | Not in release | Not in release | Not in release |
Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js.
8 affected packages
firefox, mozjs78, node-js-beautify, thunderbird, mozjs38...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Not affected | Not affected | Not in release | Ignored |
| mozjs78 | Not in release | Ignored | Not in release | Not in release |
| node-js-beautify | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| thunderbird | Ignored | Ignored | Not in release | Ignored |
| mozjs38 | — | Not in release | Not in release | Ignored |
| mozjs52 | — | Not in release | Ignored | Ignored |
| mozjs68 | — | Not in release | Ignored | Not in release |
| mozjs91 | — | Ignored | Not in release | Not in release |
Some fixes available 4 of 11
Matrix JavaScript SDK is the Matrix Client-Server software development kit (SDK) for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver could interfere with the verification flow between two...
2 affected packages
node-matrix-js-sdk, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| node-matrix-js-sdk | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| thunderbird | Not affected | Fixed | Fixed | Fixed |
Some fixes available 4 of 11
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person,...
2 affected packages
node-matrix-js-sdk, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| node-matrix-js-sdk | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| thunderbird | Not affected | Fixed | Fixed | Fixed |
Some fixes available 4 of 11
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages...
2 affected packages
node-matrix-js-sdk, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| node-matrix-js-sdk | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| thunderbird | Not affected | Fixed | Fixed | Fixed |
Some fixes available 4 of 11
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the...
2 affected packages
node-matrix-js-sdk, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| node-matrix-js-sdk | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| thunderbird | Not affected | Fixed | Fixed | Fixed |