diff --git a/announce/2024/mfsa2024-18.yml b/announce/2024/mfsa2024-18.yml
index 0570010..ff5d743 100644
--- a/announce/2024/mfsa2024-18.yml
+++ b/announce/2024/mfsa2024-18.yml
@@ -15,7 +15,7 @@ advisories:
GetBoundName could return the wrong version of an object when JIT optimizations were applied.
bugs:
- url: 1883542
- MFSA-RESERVE-2024-1193389:
+ CVE-2024-5702:
title: Use-after-free in networking
impact: high
reporter: Kershaw Chang
diff --git a/announce/2024/mfsa2024-25.yml b/announce/2024/mfsa2024-25.yml
index e26b03f..c86da02 100644
--- a/announce/2024/mfsa2024-25.yml
+++ b/announce/2024/mfsa2024-25.yml
@@ -5,7 +5,7 @@ fixed_in:
- Firefox 127
title: Security Vulnerabilities fixed in Firefox 127
advisories:
- MFSA-RESERVE-2024-1889066:
+ CVE-2024-5687:
title: An incorrect principal could have been used when opening new tabs
impact: high
reporter: jackyzy823
@@ -13,7 +13,7 @@ advisories:
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites.
*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*
bugs:
- url: 1889066
- MFSA-RESERVE-2024-1895086:
+ CVE-2024-5688:
title: Use-after-free in JavaScript object transplant
impact: high
reporter: Lukas Bernhard
@@ -21,7 +21,7 @@ advisories:
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant.
bugs:
- url: 1895086
- MFSA-RESERVE-2024-1389707:
+ CVE-2024-5689:
title: User confusion and possible phishing vector via Firefox Screenshots
impact: moderate
reporter: Fabian Fäßler
@@ -29,7 +29,7 @@ advisories:
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing.
bugs:
- url: 1389707
- MFSA-RESERVE-2024-1883693:
+ CVE-2024-5690:
title: External protocol handlers leaked by timing attack
impact: moderate
reporter: Satoki Tsuji
@@ -37,7 +37,7 @@ advisories:
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system.
bugs:
- url: 1883693
- MFSA-RESERVE-2024-1888695:
+ CVE-2024-5691:
title: Sandboxed iframes were able to bypass sandbox restrictions to open a new window
impact: moderate
reporter: Luan Herrera
@@ -45,7 +45,7 @@ advisories:
By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window.
bugs:
- url: 1888695
- MFSA-RESERVE-2024-1891234:
+ CVE-2024-5692:
title: Bypass of file name restrictions during saving
impact: moderate
reporter: Raphael Shaniyazov and Axel Chong (@Haxatron)
@@ -54,7 +54,7 @@ advisories:
bugs:
- url: 1891234
- url: 1837514
- MFSA-RESERVE-2024-1891319:
+ CVE-2024-5693:
title: Cross-Origin Image leak via Offscreen Canvas
impact: moderate
reporter: Kirtikumar Anandrao Ramchandani
@@ -62,7 +62,7 @@ advisories:
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy.
bugs:
- url: 1891319
- MFSA-RESERVE-2024-1895055:
+ CVE-2024-5694:
title: Use-after-free in JavaScript Strings
impact: moderate
reporter: Lukas Bernhard
@@ -70,7 +70,7 @@ advisories:
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap.
bugs:
- url: 1895055
- MFSA-RESERVE-2024-1895579:
+ CVE-2024-5695:
title: Memory Corruption using allocation using out-of-memory conditions
impact: moderate
reporter: Irvan Kurniawan
@@ -78,7 +78,7 @@ advisories:
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred.
bugs:
- url: 1895579
- MFSA-RESERVE-2024-1896555:
+ CVE-2024-5696:
title: Memory Corruption in Text Fragments
impact: moderate
reporter: Irvan Kurniawan
@@ -86,7 +86,7 @@ advisories:
By manipulating the text in an <input> tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash.
bugs:
- url: 1896555
- MFSA-RESERVE-2024-1414937:
+ CVE-2024-5697:
title: Website was able to detect when Firefox was taking a screenshot of them
impact: low
reporter: Wil Clouser
@@ -94,7 +94,7 @@ advisories:
A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox.
bugs:
- url: 1414937
- MFSA-RESERVE-2024-1828259:
+ CVE-2024-5698:
title: Data-list could have overlaid address bar
impact: low
reporter: Hafiizh
@@ -102,7 +102,7 @@ advisories:
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks.
bugs:
- url: 1828259
- MFSA-RESERVE-2024-1891349:
+ CVE-2024-5699:
title: Cookie prefixes not treated as case-sensitive
impact: low
reporter: Konstantin Preißer
@@ -110,7 +110,7 @@ advisories:
In violation of spec, cookie prefixes such as __Secure were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix.
bugs:
- url: 1891349
- MFSA-RESERVE-2024-2:
+ CVE-2024-5700:
title: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
impact: high
reporter: The Mozilla Fuzzing Team
@@ -119,7 +119,7 @@ advisories:
bugs:
- url: 1862809, 1889355, 1893388, 1895123
desc: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
- MFSA-RESERVE-2024-4:
+ CVE-2024-5701:
title: Memory safety bugs fixed in Firefox 127
impact: high
reporter: Randell Jesup and the Mozilla Fuzzing Team
diff --git a/announce/2024/mfsa2024-26.yml b/announce/2024/mfsa2024-26.yml
index 3a0e9a9..6264dc5 100644
--- a/announce/2024/mfsa2024-26.yml
+++ b/announce/2024/mfsa2024-26.yml
@@ -5,7 +5,7 @@ fixed_in:
- Firefox ESR 115.12
title: Security Vulnerabilities fixed in Firefox ESR 115.12
advisories:
- MFSA-RESERVE-2024-1193389:
+ CVE-2024-5702:
title: Use-after-free in networking
impact: high
reporter: Kershaw Chang
@@ -13,7 +13,7 @@ advisories:
Memory corruption in the networking stack could have led to a potentially exploitable crash.
bugs:
- url: 1193389
- MFSA-RESERVE-2024-1895086:
+ CVE-2024-5688:
title: Use-after-free in JavaScript object transplant
impact: high
reporter: Lukas Bernhard
@@ -21,7 +21,7 @@ advisories:
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant.
bugs:
- url: 1895086
- MFSA-RESERVE-2024-1883693:
+ CVE-2024-5690:
title: External protocol handlers leaked by timing attack
impact: moderate
reporter: Satoki Tsuji
@@ -29,7 +29,7 @@ advisories:
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system.
bugs:
- url: 1883693
- MFSA-RESERVE-2024-1888695:
+ CVE-2024-5691:
title: Sandboxed iframes were able to bypass sandbox restrictions to open a new window
impact: moderate
reporter: Luan Herrera
@@ -37,7 +37,7 @@ advisories:
By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window.
bugs:
- url: 1888695
- MFSA-RESERVE-2024-1891234:
+ CVE-2024-5692:
title: Bypass of file name restrictions during saving
impact: moderate
reporter: Raphael Shaniyazov
@@ -45,7 +45,7 @@ advisories:
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected.
bugs:
- url: 1891234
- MFSA-RESERVE-2024-1891319:
+ CVE-2024-5693:
title: Cross-Origin Image leak via Offscreen Canvas
impact: moderate
reporter: Kirtikumar Anandrao Ramchandani
@@ -53,7 +53,7 @@ advisories:
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy.
bugs:
- url: 1891319
- MFSA-RESERVE-2024-1896555:
+ CVE-2024-5696:
title: Memory Corruption in Text Fragments
impact: moderate
reporter: Irvan Kurniawan
@@ -61,7 +61,7 @@ advisories:
By manipulating the text in an <input> tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash.
bugs:
- url: 1896555
- MFSA-RESERVE-2024-2:
+ CVE-2024-5700:
title: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
impact: high
reporter: The Mozilla Fuzzing Team