Debian Firefox vulnerabilities
1,810 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302
Vulnerabilities
Page 22 of 91
CVE-2024-7529 | MEDIUM | CVSS 6.5 | fixed in firefox 129.0-1 (sid) | 2024
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Scope: local
sid: resolved (fixed in 129.0-1)
CVE-2024-11696 | MEDIUM | CVSS 5.4 | fixed in firefox 133.0-1 (sid) | 2024
The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have
CVE-2024-6613 | MEDIUM | CVSS 5.5 | fixed in firefox 128.0-1 (sid) | 2024
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Scope: local
sid: resolved (fixed in 128.0-1)
CVE-2024-6610 | MEDIUM | CVSS 4.3 | fixed in firefox 128.0-1 (sid) | 2024
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Scope: local
sid: resolved (fixed in 128.0-1)
CVE-2024-11695 | MEDIUM | CVSS 5.4 | fixed in firefox 133.0-1 (sid) | 2024
A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Scope: local
sid: resolved (fixed in 133.0-1)
CVE-2024-7524 | MEDIUM | CVSS 6.1 | fixed in firefox 129.0-1 (sid) | 2024
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerabili
CVE-2024-4767 | MEDIUM | CVSS 4.3 | fixed in firefox 126.0-1 (sid) | 2024
If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Scope: local
sid: resolved (fixed in 126.0-1)
CVE-2024-3862 | MEDIUM | CVSS 5.3 | fixed in firefox 125.0.1-1 (sid) | 2024
The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox < 125.
Scope: local
sid: resolved (fixed in 125.0.1-1)
CVE-2024-4772 | MEDIUM | CVSS 5.9 | fixed in firefox 126.0-1 (sid) | 2024
An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.
Scope: local
sid: resolved (fixed in 126.0-1)
CVE-2024-4774 | MEDIUM | CVSS 6.5 | fixed in firefox 126.0-1 (sid) | 2024
The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox < 126.
Scope: local
sid: resolved (fixed in 126.0-1)
CVE-2024-1547 | MEDIUM | CVSS 6.5 | fixed in firefox 123.0-1 (sid) | 2024
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Scope: local
sid: resolved (fixed in 123.0-1)
CVE-2024-10463 | MEDIUM | CVSS 6.5 | fixed in firefox 132.0-1 (sid) | 2024
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
Scope: local
sid: resolved (fixed in 132.0-1)
CVE-2024-1549 | MEDIUM | CVSS 6.1 | fixed in firefox 123.0-1 (sid) | 2024
If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Scope: local
sid: resolved (fixed in 123.0-1)
CVE-2024-1550 | MEDIUM | CVSS 6.1 | fixed in firefox 123.0-1 (sid) | 2024
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Scope: loc
CVE-2024-1551 | MEDIUM | CVSS 6.1 | fixed in firefox 123.0-1 (sid) | 2024
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird <
CVE-2024-4768 | MEDIUM | CVSS 6.1 | fixed in firefox 126.0-1 (sid) | 2024
A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Scope: local
sid: resolved (fixed in 126.0-1)
CVE-2024-0753 | MEDIUM | CVSS 6.5 | fixed in firefox 122.0-1 (sid) | 2024
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Scope: local
sid: resolved (fixed in 122.0-1)
CVE-2024-3855 | MEDIUM | CVSS 6.5 | fixed in firefox 125.0.1-1 (sid) | 2024
In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.
Scope: local
sid: resolved (fixed in 125.0.1-1)
CVE-2024-1556 | MEDIUM | CVSS 6.5 | fixed in firefox 123.0-1 (sid) | 2024
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.
Scope: local
sid: resolved (fixed in 123.0-1)
CVE-2024-0748 | MEDIUM | CVSS 4.3 | fixed in firefox 122.0-1 (sid) | 2024
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
Scope: local
sid: resolved (fixed in 122.0-1)