AVG-2148 log

Package firefox
Status Fixed
Severity High
Type multiple issues
Affected 89.0.2-1
Fixed 90.0-1
Current 94.0.2-2 [extra]
Ticket None
Created Tue Jul 13 15:33:42 2021
Issue Severity Remote Type Description
CVE-2021-30547 High Yes Arbitrary code execution
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash in the Chromium browser engine...
CVE-2021-29977 High Yes Arbitrary code execution
Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with...
CVE-2021-29976 High Yes Arbitrary code execution
Mozilla developers reported memory safety bugs present in Firefox 89 and Thunderbird 78.11. Some of these bugs showed evidence of memory corruption and...
CVE-2021-29975 Medium Yes Content spoofing
Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of...
CVE-2021-29974 Medium Yes Insufficient validation
When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error...
CVE-2021-29972 Medium Yes Arbitrary code execution
A user-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have...
CVE-2021-29970 High Yes Arbitrary code execution
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug only affected Firefox before...
Date Advisory Package Type
14 Jul 2021 ASA-202107-20 firefox multiple issues