CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43537 – Mozilla: Heap buffer overflow when using structured clone
https://notcve.org/view.php?id=CVE-2021-43537
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Una conversión de tipo incorrecta de los tamaños de enteros de 64 bits a 32 bits permitía a un atacante corromper la memoria, conllevando a un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 91.4.0, Firefox ESR versiones anteriores a 91.4.0, y Firefox versiones anteriores a 95 The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. • https://bugzilla.mozilla.org/show_bug.cgi?id=1738237 https://lists.debian.org/debian-lts-announce/2021/12/msg00030.html https://lists.debian.org/debian-lts-announce/2022/01/msg00001.html https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.debian.org/security/2021/dsa-5026 https://www.debian.org/security/2022/dsa-5034 https://www.mozilla.org/security/advisories/mfsa2021-52 https://www.mozilla.org/security/advisories/mfsa2021-53 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43538 – Mozilla: Missing fullscreen and pointer lock notification when requesting both
https://notcve.org/view.php?id=CVE-2021-43538
By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Mediante el uso indebido de una carrera en nuestro código de notificación, un atacante podría haber ocultado a la fuerza la notificación de las páginas que habían recibido acceso a pantalla completa y bloqueo de puntero, lo que podría haber sido usado para ataques de suplantación de identidad. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 91.4.0, Firefox ESR versiones anteriores a 91.4.0 y Firefox versiones anteriores a 95 The Mozilla Foundation Security Advisory describes this flaw as: By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. • https://bugzilla.mozilla.org/show_bug.cgi?id=1739091 https://lists.debian.org/debian-lts-announce/2021/12/msg00030.html https://lists.debian.org/debian-lts-announce/2022/01/msg00001.html https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.debian.org/security/2021/dsa-5026 https://www.debian.org/security/2022/dsa-5034 https://www.mozilla.org/security/advisories/mfsa2021-52 https://www.mozilla.org/security/advisories/mfsa2021-53 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43539 – Mozilla: GC rooting failure when calling wasm instance methods
https://notcve.org/view.php?id=CVE-2021-43539
Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Un fallo en el registro correcto de la ubicación de los punteros vivos a través de las llamadas a instancias de wasm daba lugar a que una GC que ocurría dentro de la llamada no rastreara esos punteros vivos. Esto podría haber conllevado a un uso de memoria previamente liberada causando un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1739683 https://lists.debian.org/debian-lts-announce/2021/12/msg00030.html https://lists.debian.org/debian-lts-announce/2022/01/msg00001.html https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.debian.org/security/2021/dsa-5026 https://www.debian.org/security/2022/dsa-5034 https://www.mozilla.org/security/advisories/mfsa2021-52 https://www.mozilla.org/security/advisories/mfsa2021-53 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-43541 – Mozilla: External protocol handler parameters were unescaped
https://notcve.org/view.php?id=CVE-2021-43541
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Cuando son invocados manejadores de protocolo para protocolos externos, una URL de parámetro suministrada que contenía espacios no se escapaba correctamente. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 91.4.0, Firefox ESR versiones anteriores a 91.4.0 y Firefox versiones anteriores a 95 • https://bugzilla.mozilla.org/show_bug.cgi?id=1696685 https://lists.debian.org/debian-lts-announce/2021/12/msg00030.html https://lists.debian.org/debian-lts-announce/2022/01/msg00001.html https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.debian.org/security/2021/dsa-5026 https://www.debian.org/security/2022/dsa-5034 https://www.mozilla.org/security/advisories/mfsa2021-52 https://www.mozilla.org/security/advisories/mfsa2021-53 • CWE-428: Unquoted Search Path or Element •
CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0CVE-2021-43542 – Mozilla: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
https://notcve.org/view.php?id=CVE-2021-43542
Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95. Usando XMLHttpRequest, un atacante podría haber identificado aplicaciones instaladas sondeando los mensajes de error para cargar protocolos externos. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 91.4.0, Firefox ESR versiones anteriores a 91.4.0 y Firefox versiones anteriores a 95 • https://bugzilla.mozilla.org/show_bug.cgi?id=1723281 https://lists.debian.org/debian-lts-announce/2021/12/msg00030.html https://lists.debian.org/debian-lts-announce/2022/01/msg00001.html https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.debian.org/security/2021/dsa-5026 https://www.debian.org/security/2022/dsa-5034 https://www.mozilla.org/security/advisories/mfsa2021-52 https://www.mozilla.org/security/advisories/mfsa2021-53 • CWE-209: Generation of Error Message Containing Sensitive Information •