MGASA-2025-0092
- Source
- https://advisories.mageia.org/MGASA-2025-0092.html
- Import Source
- https://advisories.mageia.org/MGASA-2025-0092.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2025-0092
- Related
- Published
- 2025-03-12T07:00:00Z
- Modified
- 2025-03-12T06:26:25Z
- Summary
- Updated firefox & nss packages fix security vulnerabilities
- Details
-
CVE-2024-43097: Overflow when growing an SkRegion's RunArray CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1931: Use-after-free in WebTransportChild CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs CVE-2025-1934: Unexpected GC during RegExp bailout processing CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:9 / firefox
Package
- Name
- firefox
- Purl
- pkg:rpm/mageia/firefox?distro=mageia-9
Mageia:9 / firefox-l10n
Package
- Name
- firefox-l10n
- Purl
- pkg:rpm/mageia/firefox-l10n?distro=mageia-9
Mageia:9 / nss
Package
- Name
- nss
- Purl
- pkg:rpm/mageia/nss?distro=mageia-9