FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-29 10:45:39 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2c2d1c39-1396-459a-91f5-ca03ee7c64c6mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)

MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects

MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation

MFSA 2015-137 Firefox allows for control characters to be set in cookies

MFSA 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed

MFSA 2015-139 Integer overflow allocating extremely large textures

MFSA 2015-140 Cross-origin information leak through web workers error events

MFSA 2015-141 Hash in data URI is incorrectly parsed

MFSA 2015-142 DOS due to malformed frames in HTTP/2

MFSA 2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library

MFSA 2015-144 Buffer overflows found through code inspection

MFSA 2015-145 Underflow through code inspection

MFSA 2015-146 Integer overflow in MP4 playback in 64-bit versions

MFSA 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright

MFSA 2015-148 Privilege escalation vulnerabilities in WebExtension APIs

MFSA 2015-149 Cross-site reading attack through data and view-source URIs


Discovery 2015-12-15
Entry 2015-12-15
firefox
< 43.0,1

linux-firefox
< 43.0,1

seamonkey
< 2.40

linux-seamonkey
< 2.40

firefox-esr
< 38.5.0,1

libxul
< 38.5.0

thunderbird
< 38.5.0

linux-thunderbird
< 38.5.0

CVE-2015-7201
CVE-2015-7202
CVE-2015-7203
CVE-2015-7204
CVE-2015-7205
CVE-2015-7207
CVE-2015-7208
CVE-2015-7210
CVE-2015-7211
CVE-2015-7212
CVE-2015-7213
CVE-2015-7214
CVE-2015-7215
CVE-2015-7216
CVE-2015-7217
CVE-2015-7218
CVE-2015-7219
CVE-2015-7220
CVE-2015-7221
CVE-2015-7222
CVE-2015-7223
https://www.mozilla.org/security/advisories/mfsa2015-134/
https://www.mozilla.org/security/advisories/mfsa2015-135/
https://www.mozilla.org/security/advisories/mfsa2015-136/
https://www.mozilla.org/security/advisories/mfsa2015-137/
https://www.mozilla.org/security/advisories/mfsa2015-138/
https://www.mozilla.org/security/advisories/mfsa2015-139/
https://www.mozilla.org/security/advisories/mfsa2015-140/
https://www.mozilla.org/security/advisories/mfsa2015-141/
https://www.mozilla.org/security/advisories/mfsa2015-142/
https://www.mozilla.org/security/advisories/mfsa2015-143/
https://www.mozilla.org/security/advisories/mfsa2015-144/
https://www.mozilla.org/security/advisories/mfsa2015-145/
https://www.mozilla.org/security/advisories/mfsa2015-146/
https://www.mozilla.org/security/advisories/mfsa2015-147/
https://www.mozilla.org/security/advisories/mfsa2015-148/
https://www.mozilla.org/security/advisories/mfsa2015-149/
2c57c47e-8bb3-4694-83c8-9fc3abad3964mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2016-2827 - Out-of-bounds read in mozilla::net::IsValidReferrerPolicy [low]

CVE-2016-5256 - Memory safety bugs fixed in Firefox 49 [critical]

CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 [critical]

CVE-2016-5270 - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString [high]

CVE-2016-5271 - Out-of-bounds read in PropertyProvider::GetSpacingInternal [low]

CVE-2016-5272 - Bad cast in nsImageGeometryMixin [high]

CVE-2016-5273 - crash in mozilla::a11y::HyperTextAccessible::GetChildOffset [high]

CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState [high]

CVE-2016-5275 - global-buffer-overflow in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions [critical]

CVE-2016-5276 - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList [high]

CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick [high]

CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame [critical]

CVE-2016-5279 - Full local path of files is available to web pages after drag and drop [moderate]

CVE-2016-5280 - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap [high]

CVE-2016-5281 - use-after-free in DOMSVGLength [high]

CVE-2016-5282 - Don't allow content to request favicons from non-whitelisted schemes [moderate]

CVE-2016-5283 -