Debian Ublock-Origin vulnerabilities

CVE-2025-4215 [LOW] CVE-2025-4215: ublock-origin - A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been ... A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The complexity of an attack is rather high.

CVE-2022-32308 [MEDIUM] CVE-2022-32308: ublock-origin - Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.... Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer process. Scope: local bookworm: resolved (fixed in 1.42.0+dfsg-1) bullseye: resolved (fixed in 1.42.0+dfsg-1~deb11u1) forky: resolved (fixed in 1.42.0+dfsg-1) sid: resolved (

CVE-2021-36773 [HIGH] CVE-2021-36773: ublock-origin - uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth ... uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality). Scope: local bookworm: resolved (fixed in 1.37.0+dfsg-1) bullseye: resolved (fix