Search CVE reports

Toggle filters

751 – 760 of 951 results

CVE-2020-6463

Medium priority

Some fixes available 15 of 21

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

7 affected packages

chromium-browser, firefox, thunderbird, mozjs38, mozjs60...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected Not in release Fixed
firefox Fixed Fixed Fixed Fixed
thunderbird Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
Show all 7 packages Show less packages

CVE-2020-12396

Medium priority

Some fixes available 12 of 20

Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...

5 affected packages

mozjs52, mozjs68, firefox, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12394

Medium priority

Some fixes available 12 of 20

A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.

5 affected packages

mozjs52, mozjs68, firefox, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12391

Medium priority

Some fixes available 12 of 20

Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability...

5 affected packages

firefox, mozjs52, mozjs68, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12390

Medium priority

Some fixes available 12 of 20

Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.

5 affected packages

firefox, mozjs38, mozjs52, mozjs68, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-6831

Medium priority

Some fixes available 26 of 34

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and...

8 affected packages

firefox-esr, firefox, thunderbird, chromium-browser, mozjs38...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox-esr Not in release Not in release Not in release Not in release
firefox Fixed Fixed Fixed Fixed
thunderbird Fixed Fixed Fixed Fixed
chromium-browser Not affected Not affected Not in release Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
mozjs68 Not in release Not in release Ignored Not in release
mozjs52 Not in release Not in release Ignored Ignored
Show all 8 packages Show less packages

CVE-2020-12395

Medium priority

Some fixes available 24 of 32

Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...

6 affected packages

mozjs52, mozjs68, firefox, mozjs38, thunderbird, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
thunderbird Fixed Fixed Fixed Fixed
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12392

Medium priority

Some fixes available 24 of 32

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal,...

6 affected packages

mozjs68, firefox, thunderbird, mozjs52, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
thunderbird Fixed Fixed Fixed Fixed
mozjs52 Not in release Not in release Ignored Ignored
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-12387

Medium priority

Some fixes available 24 of 32

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

6 affected packages

firefox, mozjs38, mozjs52, thunderbird, mozjs68, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
thunderbird Fixed Fixed Fixed Fixed
mozjs68 Not in release Not in release Ignored Not in release
mozjs60 Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-6826

Medium priority

Some fixes available 12 of 20

Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could...

5 affected packages

mozjs52, mozjs68, firefox, mozjs38, mozjs60

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs60 Not in release Not in release Not in release Not in release
Show less packages
  1. Previous page
  2. 74
  3. 75
  4. 76
  5. 77
  6. 78
  7. Next page
Export to JSON