Product:

Firefox_esr

(Mozilla)
Repositories https://github.com/libevent/libevent
#Vulnerabilities 1094
Date Id Summary Products Score Patch Annotated
2023-09-11 CVE-2023-4582 Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Firefox, Firefox_esr, Thunderbird 8.8
2023-09-11 CVE-2023-4583 When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Firefox, Firefox_esr, Thunderbird 7.5
2023-09-11 CVE-2023-4585 Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Firefox, Firefox_esr, Thunderbird 8.8
2024-08-06 CVE-2024-7526 ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. Firefox, Firefox_esr, Thunderbird 6.5
2023-10-25 CVE-2023-5724 Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Debian_linux, Firefox, Firefox_esr, Thunderbird 7.5