CVE-2024-7527: Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox…

CVE-2024-7526 [CRITICAL] Thunderbird vulnerabilities Title: Thunderbird vulnerabilities Summary: Several security issues were fixed in Thunderbird. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-7521, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529, CVE-2024-8382) It was discovered that Thunderbird did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Irvan Kurniawan discovered that Thunderbird did not properly check an attribute value i

[MEDIUM] Firefox regressions Title: Firefox regressions Summary: USN-6966-1 caused some minor regressions in Firefox. USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memo

CVE-2024-7518 [MEDIUM] Firefox vulnerabilities Title: Firefox vulnerabilities Summary: Several security issues were fixed in Firefox. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker coul

CVE-2024-7527 [HIGH] CWE-416 mozilla: Use-after-free in JavaScript garbage collection mozilla: Use-after-free in JavaScript garbage collection Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free. Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Package: firefox (Red Hat Enterprise Linux 6) - Out of support scope Package: thunderbird (Red Hat Enterprise Linux 6) - Out of support scope Package: thunderbird (Red Hat Enterprise Linux 7) - Out of support scope

CVE-2024-7527 [HIGH] CVE-2024-7527: firefox - Unexpected marking work at the start of sweeping could have led to a use-after-f... Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. Scope: local sid: resolved (fixed in 129.0-1)

CVE-2024-7527 [HIGH] Mozilla Foundation Security Advisory 2024-38: CVE-2024-7527 Mozilla Foundation Security Advisory 2024-38 CVE: CVE-2024-7527 Product: Thunderbird Impact: moderate Fixed in: Thunderbird 115.14

CVE-2024-7527 [HIGH] Mozilla Foundation Security Advisory 2024-33: CVE-2024-7527 Mozilla Foundation Security Advisory 2024-33 CVE: CVE-2024-7527 Product: Firefox Impact: low Fixed in: Firefox 129

CVE-2024-7527 [HIGH] Mozilla Foundation Security Advisory 2024-37: CVE-2024-7527 Mozilla Foundation Security Advisory 2024-37 CVE: CVE-2024-7527 Product: Thunderbird Impact: moderate Fixed in: Thunderbird 128.1

CVE-2024-7527 [HIGH] Mozilla Foundation Security Advisory 2024-34: CVE-2024-7527 Mozilla Foundation Security Advisory 2024-34 CVE: CVE-2024-7527 Product: Firefox ESR Impact: low Fixed in: Firefox ESR 115.14

CVE-2024-7527 [HIGH] Mozilla Foundation Security Advisory 2024-35: CVE-2024-7527 Mozilla Foundation Security Advisory 2024-35 CVE: CVE-2024-7527 Product: Firefox ESR Impact: low Fixed in: Firefox ESR 128.1

CVE-2024-7521 [CRITICAL] thunderbird vulnerabilities thunderbird vulnerabilities Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-7521, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529, CVE-2024-8382) It was discovered that Thunderbird did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Irvan Kurniawan discovered that Thunderbird did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerabili

CVE-2024-7518 [MEDIUM] firefox regressions firefox regressions USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the san

CVE-2024-7518 [MEDIUM] firefox vulnerabilities firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. (CVE

CVE-2024-7527 [HIGH] CWE-416 GHSA-69x6-6jqx-q847: Unexpected marking work at the start of sweeping could have led to a use-after-free Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.

CVE-2024-7527 [HIGH] CVE-2024-7527: Unexpected marking work at the start of sweeping could have led to a use-after-free Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.