CVE-2024-8385: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability…

[CRITICAL] Firefox regressions Title: Firefox regressions Summary: USN-6992-1 caused some minor regressions in Firefox. USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-8382, CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389) Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cau

CVE-2024-8385 [CRITICAL] Firefox vulnerabilities Title: Firefox vulnerabilities Summary: Several security issues were fixed in Firefox. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-8382, CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389) Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8381) It was discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploi

CVE-2024-8385 [CRITICAL] CWE-843 mozilla: WASM type confusion involving ArrayTypes mozilla: WASM type confusion involving ArrayTypes A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespre

CVE-2024-8385 [CRITICAL] CVE-2024-8385: firefox - A difference in the handling of StructFields and ArrayTypes in WASM could be use... A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Scope: local sid: resolved (fixed in 130.0-1)

CVE-2024-8385 [CRITICAL] Mozilla Foundation Security Advisory 2024-43: CVE-2024-8385 Mozilla Foundation Security Advisory 2024-43 CVE: CVE-2024-8385 Product: Thunderbird Impact: high Fixed in: Thunderbird 128.2

CVE-2024-8385 [CRITICAL] Mozilla Foundation Security Advisory 2024-39: CVE-2024-8385 Mozilla Foundation Security Advisory 2024-39 CVE: CVE-2024-8385 Product: Firefox Impact: high Fixed in: Firefox 130

CVE-2024-8385 [CRITICAL] Mozilla Foundation Security Advisory 2024-40: CVE-2024-8385 Mozilla Foundation Security Advisory 2024-40 CVE: CVE-2024-8385 Product: Firefox ESR Impact: high Fixed in: Firefox ESR 128.2

CVE-2024-8382 [CRITICAL] firefox regressions firefox regressions USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-8382, CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389) Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8381) It

CVE-2024-8382 [CRITICAL] firefox vulnerabilities firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-8382, CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389) Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-8381) It was discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary

CVE-2024-8385 [CRITICAL] CVE-2024-8385: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.

CVE-2024-8385 [CRITICAL] CWE-843 GHSA-j3m3-gfhr-jmqf: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130 and Firefox ESR < 128.2.