AVG-1834 log

Package firefox
Status Fixed
Severity High
Type multiple issues
Affected 87.0-2
Fixed 88.0-1
Current 132.0.2-1 [extra]
Ticket None
Created Mon Apr 19 13:29:45 2021
Issue Severity Remote Type Description
CVE-2021-29947 High Yes Arbitrary code execution
A security issue has been found in Firefox before version 88. Mozilla developers and community members reported memory safety bugs present in Firefox 87....
CVE-2021-29946 Low Yes Access restriction bypass
A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. Ports that were written as an integer overflow above the...
CVE-2021-24002 Medium Yes Arbitrary command execution
A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. When a user clicked on an FTP URL containing encoded...
CVE-2021-24001 Medium Yes Sandbox escape
A security issue has been found in Firefox before version 88. A compromised content process could have performed session history manipulations it should not...
CVE-2021-24000 Medium Yes Content spoofing
A security issue has been found in Firefox before version 88. A race condition with requestPointerLock() and setTimeout() could have resulted in a user...
CVE-2021-23999 Medium Yes Sandbox escape
A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. If a Blob URL was loaded through some unusual user...
CVE-2021-23998 Medium Yes Content spoofing
A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. Through complicated navigations with new windows, an HTTP...
CVE-2021-23997 High Yes Arbitrary code execution
A security issue has been found in Firefox before version 88. Due to unexpected data type conversions, a use-after-free could have occurred when interacting...
CVE-2021-23996 High Yes Content spoofing
A security issue has been found in Firefox before version 88. By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside...
CVE-2021-23995 High Yes Arbitrary code execution
A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. When Responsive Design Mode was enabled, it used...
CVE-2021-23994 High Yes Arbitrary code execution
A security issue has been found in Firefox before version 88 and Thunderbird before version 78.10. A WebGL framebuffer was not initialized early enough,...
Date Advisory Package Type
29 Apr 2021 ASA-202104-3 firefox multiple issues