Debian Thunderbird vulnerabilities
931 known vulnerabilities affecting debian/thunderbird.
Total CVEs: 931
CISA KEV: 10 (actively exploited)
Public exploits: 18
Exploited in wild: 13
Severity breakdown: CRITICAL 166, HIGH 358, MEDIUM 317, LOW 90
Vulnerabilities
Page 14 of 47
CVE-2024-50336 [MEDIUM] CVSS 5.3 - node-matrix-js-sdk - fixed in thunderbird 1:128.6.0esr-1~deb12u1 (bookworm) - 2024
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the client's homeserver. Fixed in matrix-js-sdk 34.11.1.
Scop
debian
CVE-2024-5693 [MEDIUM] CVSS 6.1 - firefox - fixed in firefox 127.0-1 (sid) - 2024
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Scope: local
sid: resolved (fixed in 127.0-1)
debian
CVE-2024-7526 [MEDIUM] CVSS 6.5 - firefox - fixed in firefox 129.0-1 (sid) - 2024
ANGLE failed to initialize parameters, which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Scope: local
sid: resolved (fixed in 129.0-1)
debian
CVE-2024-1548 [MEDIUM] CVSS 4.3 - firefox - fixed in firefox 123.0-1 (sid) - 2024
A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Scope: local
sid: resolved (fixed in 123.0-1)
debian
CVE-2024-0742 [MEDIUM] CVSS 4.3 - firefox - fixed in firefox 122.0-1 (sid) - 2024
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Scope: local
sid: resolved (fixed in 122.0-1)
debian
CVE-2024-6601 [MEDIUM] CVSS 4.7 - firefox - fixed in firefox 128.0-1 (sid) - 2024
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Scope: local
sid: resolved (fixed in 128.0-1)
debian
CVE-2024-11159 [MEDIUM] CVSS 4.3 - thunderbird - fixed in thunderbird 1:128.4.3esr-1~deb12u1 (bookworm) - 2024
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1.
Scope: local
bookworm: resolved (fixed in 1:128.4.3esr-1~deb12u1)
bullseye: resolved (fixed in 1:128.4.3esr-1~deb11u1)
forky: resolved (fixed in 1:128.4.3esr-1)
sid: resolved (fixed in 1:128.4.3
debian
CVE-2024-8386 [MEDIUM] CVSS 6.1 - firefox - fixed in firefox 130.0-1 (sid) - 2024
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Scope: local
sid: resolved (fixed in 130.0-1)
debian
CVE-2024-10461 [MEDIUM] CVSS 6.1 - firefox - fixed in firefox 132.0-1 (sid) - 2024
In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Scope: local
sid: resolved (fixed in 132.0-1)
debian
CVE-2024-9397 [MEDIUM] CVSS 6.1 - firefox - fixed in firefox 131.0-1 (sid) - 2024
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Scope: local
sid: resolved (fixed in 131.0-1)
debian
CVE-2024-11692 [MEDIUM] CVSS 4.3 - firefox - fixed in firefox 133.0-1 (sid) - 2024
An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Scope: local
sid: resolved (fixed in 133.0-1)
debian
CVE-2024-2610 [MEDIUM] CVSS 6.1 - firefox - fixed in firefox 124.0-1 (sid) - 2024
Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Scope: local
sid: resolved (fixed in 124.0-1)
debian
CVE-2024-9398 [MEDIUM] CVSS 5.3 - firefox - fixed in firefox 131.0-1 (sid) - 2024
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Scope: local
sid: resolved (fixed in 131.0-1)
debian
CVE-2024-3861 [MEDIUM] CVSS 4.0 - firefox - fixed in firefox 125.0.1-1 (sid) - 2024
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
Scope: local
sid: resolved (fixed in 125.0.1-1)
debian
CVE-2024-7529 [MEDIUM] CVSS 6.5 - firefox - fixed in firefox 129.0-1 (sid) - 2024
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Scope: local
sid: resolved (fixed in 129.0-1)
debian
CVE-2024-11696 [MEDIUM] CVSS 5.4 - firefox - fixed in firefox 133.0-1 (sid) - 2024
The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have
debian
CVE-2024-11695 [MEDIUM] CVSS 5.4 - firefox - fixed in firefox 133.0-1 (sid) - 2024
A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
Scope: local
sid: resolved (fixed in 133.0-1)
debian
CVE-2024-4767 [MEDIUM] CVSS 4.3 - firefox - fixed in firefox 126.0-1 (sid) - 2024
If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Scope: local
sid: resolved (fixed in 126.0-1)
debian
CVE-2024-1547 [MEDIUM] CVSS 6.5 - firefox - fixed in firefox 123.0-1 (sid) - 2024
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Scope: local
sid: resolved (fixed in 123.0-1)
debian
CVE-2024-10463 [MEDIUM] CVSS 6.5 - firefox - fixed in firefox 132.0-1 (sid) - 2024
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
Scope: local
sid: resolved (fixed in 132.0-1)
debian