Debian Firefox vulnerabilities

1,810 known vulnerabilities affecting debian/firefox.

Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302

Vulnerabilities

Page 17 of 91
CVE-2024-29943 | CRITICAL | CVSS 9.8 | fixed in firefox 124.0.1-1 (sid) | 2024
firefox - An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1. Scope: local. sid: resolved (fixed in 124.0.1-1)
debian
CVE-2024-5695 | CRITICAL | CVSS 9.8 | fixed in firefox 127.0-1 (sid) | 2024
firefox - If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox < 127. Scope: local. sid: resolved (fixed in 127.0-1)
debian
CVE-2024-1554 | CRITICAL | CVSS 9.8 | fixed in firefox 123.0-1 (sid) | 2024
firefox - The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contain. Under the correct circumstances, an attacker may have been able to poison the local browser cache by priming it with a `fetch()` response controlled by the additional headers. Upon navigation to the same URL, the user wou
debian
CVE-2024-4778 | CRITICAL | CVSS 9.8 | fixed in firefox 126.0-1 (sid) | 2024
firefox - Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126. Scope: local. sid: resolved (fixed in 126.0-1)
debian
CVE-2024-8385 | CRITICAL | CVSS 9.8 | fixed in firefox 130.0-1 (sid) | 2024
firefox - A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. Scope: local. sid: resolved (fixed in 130.0-1)
debian
CVE-2024-4764 | CRITICAL | CVSS 9.8 | fixed in firefox 126.0-1 (sid) | 2024
firefox - Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox < 126. Scope: local. sid: resolved (fixed in 126.0-1)
debian
CVE-2024-6611 | CRITICAL | CVSS 9.8 | fixed in firefox 128.0-1 (sid) | 2024
firefox - A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128. Scope: local. sid: resolved (fixed in 128.0-1)
debian
CVE-2024-9392 | CRITICAL | CVSS 9.8 | fixed in firefox 131.0-1 (sid) | 2024
firefox - A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. Scope: local. sid: resolved (fixed in 131.0-1)
debian
CVE-2024-1553 | HIGH | CVSS 8.1 | fixed in firefox 123.0-1 (sid) | 2024
firefox - Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. Scope: local. sid: resolved (fixed in 12
debian
CVE-2024-9956 | HIGH | CVSS 7.8 | fixed in chromium 130.0.6723.58-1~deb12u1 (bookworm) | 2024
chromium - Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) Scope: local. bookworm: resolved (fixed in 130.0.6723.58-1~deb12u1); bullseye: open; forky: resolved (fixed in 130.0.6723.58-1); sid: resolved (fixed in
debian
CVE-2024-4777 | HIGH | CVSS 8.8 | fixed in firefox 126.0-1 (sid) | 2024
firefox - Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Scope: local. sid: resolved (fixed i
debian
CVE-2024-7528 | HIGH | CVSS 8.8 | fixed in firefox 129.0-1 (sid) | 2024
firefox - Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. Scope: local. sid: resolved (fixed in 129.0-1)
debian
CVE-2024-3854 | HIGH | CVSS 8.8 | fixed in firefox 125.0.1-1 (sid) | 2024
firefox - In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. Scope: local. sid: resolved (fixed in 125.0.1-1)
debian
CVE-2024-4773 | HIGH | CVSS 7.5 | fixed in firefox 126.0-1 (sid) | 2024
firefox - When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126. Scope: local. sid: resolved (fixed in 126.0-1)
debian
CVE-2024-9396 | HIGH | CVSS 8.8 | fixed in firefox 131.0-1 (sid) | 2024
firefox - It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. Scope: local. sid: resolved (fixed in 131.0-1)
debian
CVE-2024-1552 | HIGH | CVSS 7.5 | fixed in firefox 123.0-1 (sid) | 2024
firefox - Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. *Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. Scope: local. sid: resolved (fixed in 123.0-1)
debian
CVE-2024-4771 | HIGH | CVSS 8.6 | fixed in firefox 126.0-1 (sid) | 2024
firefox - A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126. Scope: local. sid: resolved (fixed in 126.0-1)
debian
CVE-2024-9400 | HIGH | CVSS 8.8 | fixed in firefox 131.0-1 (sid) | 2024
firefox - A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. Scope: local. sid: resolved (fixed in 131.0-1)
debian
CVE-2024-3853 | HIGH | CVSS 7.5 | fixed in firefox 125.0.1-1 (sid) | 2024
firefox - A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125. Scope: local. sid: resolved (fixed in 125.0.1-1)
debian
CVE-2024-5694 | HIGH | CVSS 7.5 | fixed in firefox 127.0-1 (sid) | 2024
firefox - An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127. Scope: local. sid: resolved (fixed in 127.0-1)
debian