Debian Thunderbird vulnerabilities

931 known vulnerabilities affecting debian/thunderbird.

Total CVEs: 931
CISA KEV: 10 (actively exploited)
Public exploits: 18
Exploited in wild: 13
Severity breakdown: CRITICAL 166, HIGH 358, MEDIUM 317, LOW 90

Vulnerabilities

Page 18 of 47
CVE-2023-25729 | HIGH | CVSS 8.8 | fixed in firefox 110.0-1 (sid) | 2023
firefox - Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbir
debian
CVE-2023-4583 | HIGH | CVSS 7.5 | fixed in firefox 117.0-1 (sid) | 2023
firefox - When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Scope: local; sid: resolved (
debian
CVE-2023-32213 | HIGH | CVSS 8.8 | fixed in firefox 113.0-1 (sid) | 2023
firefox - When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. Scope: local; sid: resolved (fixed in 113.0-1)
debian
CVE-2023-6859 | HIGH | CVSS 8.8 | fixed in firefox 121.0-1 (sid) | 2023
firefox - A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. Scope: local; sid: resolved (fixed in 121.0-1)
debian
CVE-2023-4048 | HIGH | CVSS 7.5 | fixed in firefox 116.0-1 (sid) | 2023
firefox - An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. Scope: local; sid: resolved (fixed in 116.0-1)
debian
CVE-2023-28162 | HIGH | CVSS 8.8 | fixed in firefox 111.0-1 (sid) | 2023
firefox - While implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. Scope: local; sid: resolved (fixed in 111.0-1)
debian
CVE-2023-29539 | HIGH | CVSS 8.8 | fixed in firefox 112.0-1 (sid) | 2023
firefox - When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, an
debian
CVE-2023-25737 | HIGH | CVSS 8.8 | fixed in firefox 110.0-1 (sid) | 2023
firefox - An invalid downcast from `nsTextNode` to `SVGElement` could have led to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. Scope: local; sid: resolved (fixed in 110.0-1)
debian
CVE-2023-37208 | HIGH | CVSS 7.8 | fixed in firefox 115.0-1 (sid) | 2023
firefox - When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Scope: local; sid: resolved (fixed in 115.0-1)
debian
CVE-2023-5724 | HIGH | CVSS 7.5 | fixed in firefox 119.0-1 (sid) | 2023
firefox - Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Scope: local; sid: resolved (fixed in 119.0-1)
debian
CVE-2023-5728 | HIGH | CVSS 7.5 | fixed in firefox 119.0-1 (sid) | 2023
firefox - During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Scope: local; sid: resolved (fixed in 119.0-1)
debian
CVE-2023-6208 | HIGH | CVSS 8.8 | fixed in firefox 120.0-1 (sid) | 2023
firefox - When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. Scope: local; sid: resolved (fixed in 120.0-1)
debian
CVE-2023-4051 | HIGH | CVSS 7.5 | fixed in firefox 116.0-1 (sid) | 2023
firefox - A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2. Scope: local; sid: resolved (fixed in 116.0-1)
debian
CVE-2023-6864 | HIGH | CVSS 8.8 | fixed in firefox 121.0-1 (sid) | 2023
firefox - Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. Scope: local; sid: resolved (fixed in 12
debian
CVE-2023-4584 | HIGH | CVSS 8.8 | fixed in firefox 117.0-1 (sid) | 2023
firefox - Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Th
debian
CVE-2023-6862 | HIGH | CVSS 8.8 | fixed in firefox-esr 115.6.0esr-1~deb12u1 (bookworm) | 2023
firefox-esr - A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6. Scope: local; bookworm: resolved (fixed in 115.6.0esr-1~deb12u1); bullseye: resolved (fixed in 115.6.0esr-1~deb11u1); forky: resolved (fixed in 115.6.0esr-1); sid: resolved (fixed in
debian
CVE-2023-4585 | HIGH | CVSS 8.8 | fixed in firefox 117.0-1 (sid) | 2023
firefox - Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Scope: local; sid: resolved (fixed in 11
debian
CVE-2023-28427 | HIGH | CVSS 8.2 | fixed in thunderbird 1:102.9.1-1 (bookworm) | 2023
node-matrix-js-sdk - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating
debian
CVE-2023-37201 | HIGH | CVSS 8.8 | fixed in firefox 115.0-1 (sid) | 2023
firefox - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. Scope: local; sid: resolved (fixed in 115.0-1)
debian
CVE-2023-5721 | MEDIUM | CVSS 4.3 | fixed in firefox 119.0-1 (sid) | 2023
firefox - It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. Scope: local; sid: resolved (fixed in 119.0-1)
debian