Product:

Firefox

(Mozilla)
Repositories https://github.com/libevent/libevent
https://github.com/khaledhosny/ots
#Vulnerabilities 2613
Date Id Summary Products Score Patch Annotated
2020-01-08 CVE-2019-11763 Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird 6.1
2020-01-08 CVE-2019-11757 When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird 8.8
2020-01-08 CVE-2019-11759 An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird 8.8
2020-01-08 CVE-2019-11760 A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird 8.8
2020-01-08 CVE-2019-11761 By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird 5.4
2020-01-08 CVE-2019-11762 If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. Ubuntu_linux, Firefox, Firefox_esr, Thunderbird 6.1
2019-07-23 CVE-2019-11707 A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2. Firefox, Firefox_esr, Thunderbird 8.8
2019-07-23 CVE-2019-11718 Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68. Firefox, Leap 5.3
2019-07-23 CVE-2019-11723 A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68. Firefox, Leap 7.5
2019-07-23 CVE-2019-11724 Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox < 68. Firefox, Leap 6.1