Search CVE reports
161 – 170 of 1943 results
CVE-2023-50762
Medium priorityWhen processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always...
1 affected packages
thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
thunderbird | — | Fixed | Fixed | Ignored | Ignored |
CVE-2023-50761
Medium priorityThe signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time,...
1 affected packages
thunderbird
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
thunderbird | — | Fixed | Fixed | Ignored | Ignored |
CVE-2023-6870
Medium priorityApplications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. *This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Not affected | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-6868
Medium priorityIn some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. *This bug only...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Not affected | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-6213
Medium prioritySome fixes available 1 of 14
Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-6212
Medium prioritySome fixes available 6 of 18
Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-6211
Medium prioritySome fixes available 1 of 14
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-6210
Medium prioritySome fixes available 1 of 14
When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2023-6209
Medium prioritySome fixes available 6 of 18
Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |
CVE-2023-6208
Medium prioritySome fixes available 6 of 18
When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. Other systems are...
8 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | Not affected | Not affected | Fixed | Ignored | Ignored |
mozjs102 | Ignored | Ignored | Not in release | Not in release | Not in release |
mozjs38 | Not in release | Not in release | Not in release | Ignored | Not in release |
mozjs52 | Not in release | Not in release | Ignored | Ignored | Not in release |
mozjs68 | Not in release | Not in release | Ignored | Not in release | Not in release |
mozjs78 | Not in release | Ignored | Not in release | Not in release | Not in release |
mozjs91 | Not in release | Ignored | Not in release | Not in release | Not in release |
thunderbird | Fixed | Fixed | Fixed | Ignored | Ignored |