Описание
AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding() and AppendEncodedCharacters() could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | released | 124.0+build1-0ubuntu0.20.04.1 |
| jammy | not-affected | code not present |
| mantic | not-affected | code not present |
| noble | not-affected | code not present |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | ignored | |
| esm-apps/noble | ignored | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | ignored | |
| mantic | ignored | end of life, was needs-triage |
| noble | ignored | |
| upstream | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | ignored | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| upstream | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | ignored | |
| esm-infra/bionic | ignored | |
| focal | ignored | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| upstream | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/focal | ignored | |
| focal | ignored | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| upstream | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/jammy | ignored | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | ignored | |
| mantic | DNE | |
| noble | DNE | |
| upstream | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | ignored | |
| mantic | DNE | |
| noble | DNE | |
| upstream | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | released | 1:115.9.0+build1-0ubuntu0.20.04.1 |
| jammy | released | 1:115.9.0+build1-0ubuntu0.22.04.1 |
| mantic | released | 1:115.9.0+build1-0ubuntu0.23.10.1 |
| noble | not-affected | code not present |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
8.4 High
CVSS3
Связанные уязвимости
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and ...
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Уязвимость функций AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding() и AppendEncodedCharacters() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
EPSS
8.4 High
CVSS3