Debian Firefox-Esr vulnerabilities

1,071 known vulnerabilities affecting debian/firefox-esr.

Total CVEs: 1,071
CISA KEV: 11 (actively exploited)
Public exploits: 23
Exploited in wild: 15
Severity breakdown: CRITICAL 236, HIGH 418, MEDIUM 292, LOW 125

Vulnerabilities

CVE-2021-43534 | HIGH | CVSS 8.8 | fixed in firefox 94.0-1 (sid) | 2021
firefox - Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Scope: local
debian
CVE-2021-23960 | HIGH | CVSS 8.8 | fixed in firefox 85.0-1 (sid) | 2021
firefox - Performing garbage collection on re-declared JavaScript variables resulted in a use-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. Scope: local; sid: resolved (fixed in 85.0-1)
debian
CVE-2021-38500 | HIGH | CVSS 8.8 | fixed in firefox 93.0-1 (sid) | 2021
firefox - Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefo
debian
CVE-2021-29946 | HIGH | CVSS 8.8 | fixed in firefox 88.0-1 (sid) | 2021
firefox - Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. Scope: local; sid: resolved (fixed in 88.0-1)
debian
CVE-2021-29985 | HIGH | CVSS 8.8 | fixed in firefox 91.0-1 (sid) | 2021
firefox - A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91. Scope: local; sid: resolved (fixed in 91.0-1)
debian
CVE-2021-43539 | HIGH | CVSS 8.8 | fixed in firefox 95.0-1 (sid) | 2021
firefox - Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local; sid: resolved (fixed in
debian
CVE-2021-29980 | HIGH | CVSS 8.8 | fixed in firefox 91.0-1 (sid) | 2021
firefox - Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91. Scope: local; sid: resolved (fixed in 91.0-1)
debian
CVE-2021-29976 | HIGH | CVSS 8.8 | fixed in firefox 90.0-1 (sid) | 2021
firefox - Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90. Scope: local; sid: re
debian
CVE-2021-23961 | HIGH | CVSS 7.4 | fixed in firefox 85.0-1 (sid) | 2021
firefox - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. Scope: local; sid: resolved (fixed in 85.0-1)
debian
CVE-2021-30547 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
chromium - Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Scope: local; bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: res
debian
CVE-2021-29970 | HIGH | CVSS 8.8 | fixed in firefox 90.0-1 (sid) | 2021
firefox - A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug could only be triggered when accessibility was enabled. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90. Scope: local; sid: resolved (fixed in 90.0-1)
debian
CVE-2021-23964 | HIGH | CVSS 8.8 | fixed in firefox 85.0-1 (sid) | 2021
firefox - Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. Scope: local; sid: resolved (fixed
debian
CVE-2021-23987 | HIGH | CVSS 8.8 | fixed in firefox 87.0-1 (sid) | 2021
firefox - Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9. Scope: local
debian
CVE-2021-43535 | HIGH | CVSS 8.8 | fixed in firefox 93.0-1 (sid) | 2021
firefox - A use-after-free could have occurred when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.3, and Firefox ESR < 91.3. Scope: local; sid: resolved (fixed in 93.0-1)
debian
CVE-2021-43537 | HIGH | CVSS 8.8 | fixed in firefox 95.0-1 (sid) | 2021
firefox - An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local; sid: resolved (fixed in 95.0-1)
debian
CVE-2021-23953 | MEDIUM | CVSS 4.3 | fixed in firefox 85.0-1 (sid) | 2021
firefox - If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. Scope: local; sid: resolved (fixed in 85.0-1)
debian
CVE-2021-38497 | MEDIUM | CVSS 6.5 | fixed in firefox 93.0-1 (sid) | 2021
firefox - Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2. Scope: local; sid: resolved (fixed in 93.0-1)
debian
CVE-2021-43538 | MEDIUM | CVSS 4.3 | fixed in firefox 95.0-1 (sid) | 2021
firefox - By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local; sid: resolved (fixed in 95.0-1)
debian
CVE-2021-38506 | MEDIUM | CVSS 4.3 | fixed in firefox 94.0-1 (sid) | 2021
firefox - Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Scope: local; sid: resolved (fixed in 94.0-1)
debian
CVE-2021-43541 | MEDIUM | CVSS 6.5 | fixed in firefox 95.0-1 (sid) | 2021
firefox - When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Scope: local; sid: resolved (fixed in 95.0-1)
debian