Debian Firefox vulnerabilities
1,810 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302
Vulnerabilities
CVE-2024-7520 [HIGH] CVSS 8.8, fixed in firefox 129.0-1 (sid), 2024
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Scope: local
sid: resolved (fixed in 129.0-1)
debian
CVE-2024-0745 [HIGH] CVSS 8.8, fixed in firefox 122.0-1 (sid), 2024
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
Scope: local
sid: resolved (fixed in 122.0-1)
debian
CVE-2024-0744 [HIGH] CVSS 7.5, fixed in firefox 122.0-1 (sid), 2024
In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.
Scope: local
sid: resolved (fixed in 122.0-1)
debian
CVE-2024-7652 [HIGH] CVSS 7.5, fixed in firefox 128.0-1 (sid), 2024
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Scope: local
sid: resolved (fixed in 128.0-1)
debian
CVE-2024-10467 [HIGH] CVSS 8.8, fixed in firefox 132.0-1 (sid), 2024
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Scope: local
sid:
debian
CVE-2024-2614 [HIGH] CVSS 8.8, fixed in firefox 124.0-1 (sid), 2024
Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Scope: local
sid: resolved (fixed in 12
debian
CVE-2024-3856 [HIGH] CVSS 8.8, fixed in firefox 125.0.1-1 (sid), 2024
A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.
Scope: local
sid: resolved (fixed in 125.0.1-1)
debian
CVE-2024-9399 [HIGH] CVSS 7.5, fixed in firefox 131.0-1 (sid), 2024
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Scope: local
sid: resolved (fixed in 131.0-1)
debian
CVE-2024-8900 [HIGH] CVSS 7.5, fixed in firefox 129.0-1 (sid), 2024
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
Scope: local
sid: resolved (fixed in 129.0-1)
debian
CVE-2024-11697 [HIGH] CVSS 8.8, fixed in firefox 133.0-1 (sid), 2024
When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Scope: local
sid: resolved (fixed in 133.0-1)
debian
CVE-2024-3857 [HIGH] CVSS 7.8, fixed in firefox 125.0.1-1 (sid), 2024
The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
Scope: local
sid: resolved (fixed in 125.0.1-1)
debian
CVE-2024-5688 [HIGH] CVSS 8.1, fixed in firefox 127.0-1 (sid), 2024
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Scope: local
sid: resolved (fixed in 127.0-1)
debian
CVE-2024-4770 [HIGH] CVSS 8.8, fixed in firefox 126.0-1 (sid), 2024
When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Scope: local
sid: resolved (fixed in 126.0-1)
debian
CVE-2024-3852 [HIGH] CVSS 7.5, fixed in firefox 125.0.1-1 (sid), 2024
GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
Scope: local
sid: resolved (fixed in 125.0.1-1)
debian
CVE-2024-9394 [HIGH] CVSS 7.5, fixed in firefox 131.0-1 (sid), 2024
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability
debian
CVE-2024-2608 [HIGH] CVSS 8.4, fixed in firefox 124.0-1 (sid), 2024
`AppendEncodedAttributeValue()`, `ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Scope: local
sid: resolved (fixed in 124.0-1)
debian
CVE-2024-7522 [HIGH] CVSS 8.8, fixed in firefox 129.0-1 (sid), 2024
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Scope: local
sid: resolved (fixed in 129.0-1)
debian
CVE-2024-7527 [HIGH] CVSS 8.8, fixed in firefox 129.0-1 (sid), 2024
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Scope: local
sid: resolved (fixed in 129.0-1)
debian
CVE-2024-5696 [HIGH] CVSS 8.6, fixed in firefox 127.0-1 (sid), 2024
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Scope: local
sid: resolved (fixed in 127.0-1)
debian
CVE-2024-11700 [HIGH] CVSS 8.1, fixed in firefox 134.0-1 (sid), 2024
Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133.
Scope: local
sid: resolved (fixed in 134.0-1)
debian