From af535d76c13d7930a96209ebf230005e7524d44b Mon Sep 17 00:00:00 2001 From: Tom Ritter Date: Thu, 6 Jun 2024 11:07:04 -0400 Subject: [PATCH] Assign CVEs --- announce/2024/mfsa2024-18.yml | 2 +- announce/2024/mfsa2024-25.yml | 30 +++++++++++++++--------------- announce/2024/mfsa2024-26.yml | 16 ++++++++-------- 3 files changed, 24 insertions(+), 24 deletions(-) diff --git a/announce/2024/mfsa2024-18.yml b/announce/2024/mfsa2024-18.yml index 0570010..ff5d743 100644 --- a/announce/2024/mfsa2024-18.yml +++ b/announce/2024/mfsa2024-18.yml @@ -15,7 +15,7 @@ advisories: GetBoundName could return the wrong version of an object when JIT optimizations were applied. bugs: - url: 1883542 - MFSA-RESERVE-2024-1193389: + CVE-2024-5702: title: Use-after-free in networking impact: high reporter: Kershaw Chang diff --git a/announce/2024/mfsa2024-25.yml b/announce/2024/mfsa2024-25.yml index e26b03f..c86da02 100644 --- a/announce/2024/mfsa2024-25.yml +++ b/announce/2024/mfsa2024-25.yml @@ -5,7 +5,7 @@ fixed_in: - Firefox 127 title: Security Vulnerabilities fixed in Firefox 127 advisories: - MFSA-RESERVE-2024-1889066: + CVE-2024-5687: title: An incorrect principal could have been used when opening new tabs impact: high reporter: jackyzy823 @@ -13,7 +13,7 @@ advisories: If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites.
*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* bugs: - url: 1889066 - MFSA-RESERVE-2024-1895086: + CVE-2024-5688: title: Use-after-free in JavaScript object transplant impact: high reporter: Lukas Bernhard @@ -21,7 +21,7 @@ advisories: If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. bugs: - url: 1895086 - MFSA-RESERVE-2024-1389707: + CVE-2024-5689: title: User confusion and possible phishing vector via Firefox Screenshots impact: moderate reporter: Fabian Fäßler @@ -29,7 +29,7 @@ advisories: In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. bugs: - url: 1389707 - MFSA-RESERVE-2024-1883693: + CVE-2024-5690: title: External protocol handlers leaked by timing attack impact: moderate reporter: Satoki Tsuji @@ -37,7 +37,7 @@ advisories: By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. bugs: - url: 1883693 - MFSA-RESERVE-2024-1888695: + CVE-2024-5691: title: Sandboxed iframes were able to bypass sandbox restrictions to open a new window impact: moderate reporter: Luan Herrera @@ -45,7 +45,7 @@ advisories: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. bugs: - url: 1888695 - MFSA-RESERVE-2024-1891234: + CVE-2024-5692: title: Bypass of file name restrictions during saving impact: moderate reporter: Raphael Shaniyazov and Axel Chong (@Haxatron) @@ -54,7 +54,7 @@ advisories: bugs: - url: 1891234 - url: 1837514 - MFSA-RESERVE-2024-1891319: + CVE-2024-5693: title: Cross-Origin Image leak via Offscreen Canvas impact: moderate reporter: Kirtikumar Anandrao Ramchandani @@ -62,7 +62,7 @@ advisories: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. bugs: - url: 1891319 - MFSA-RESERVE-2024-1895055: + CVE-2024-5694: title: Use-after-free in JavaScript Strings impact: moderate reporter: Lukas Bernhard @@ -70,7 +70,7 @@ advisories: An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. bugs: - url: 1895055 - MFSA-RESERVE-2024-1895579: + CVE-2024-5695: title: Memory Corruption using allocation using out-of-memory conditions impact: moderate reporter: Irvan Kurniawan @@ -78,7 +78,7 @@ advisories: If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. bugs: - url: 1895579 - MFSA-RESERVE-2024-1896555: + CVE-2024-5696: title: Memory Corruption in Text Fragments impact: moderate reporter: Irvan Kurniawan @@ -86,7 +86,7 @@ advisories: By manipulating the text in an <input> tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. bugs: - url: 1896555 - MFSA-RESERVE-2024-1414937: + CVE-2024-5697: title: Website was able to detect when Firefox was taking a screenshot of them impact: low reporter: Wil Clouser @@ -94,7 +94,7 @@ advisories: A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. bugs: - url: 1414937 - MFSA-RESERVE-2024-1828259: + CVE-2024-5698: title: Data-list could have overlaid address bar impact: low reporter: Hafiizh @@ -102,7 +102,7 @@ advisories: By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. bugs: - url: 1828259 - MFSA-RESERVE-2024-1891349: + CVE-2024-5699: title: Cookie prefixes not treated as case-sensitive impact: low reporter: Konstantin Preißer @@ -110,7 +110,7 @@ advisories: In violation of spec, cookie prefixes such as __Secure were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. bugs: - url: 1891349 - MFSA-RESERVE-2024-2: + CVE-2024-5700: title: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 impact: high reporter: The Mozilla Fuzzing Team @@ -119,7 +119,7 @@ advisories: bugs: - url: 1862809, 1889355, 1893388, 1895123 desc: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 - MFSA-RESERVE-2024-4: + CVE-2024-5701: title: Memory safety bugs fixed in Firefox 127 impact: high reporter: Randell Jesup and the Mozilla Fuzzing Team diff --git a/announce/2024/mfsa2024-26.yml b/announce/2024/mfsa2024-26.yml index 3a0e9a9..6264dc5 100644 --- a/announce/2024/mfsa2024-26.yml +++ b/announce/2024/mfsa2024-26.yml @@ -5,7 +5,7 @@ fixed_in: - Firefox ESR 115.12 title: Security Vulnerabilities fixed in Firefox ESR 115.12 advisories: - MFSA-RESERVE-2024-1193389: + CVE-2024-5702: title: Use-after-free in networking impact: high reporter: Kershaw Chang @@ -13,7 +13,7 @@ advisories: Memory corruption in the networking stack could have led to a potentially exploitable crash. bugs: - url: 1193389 - MFSA-RESERVE-2024-1895086: + CVE-2024-5688: title: Use-after-free in JavaScript object transplant impact: high reporter: Lukas Bernhard @@ -21,7 +21,7 @@ advisories: If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. bugs: - url: 1895086 - MFSA-RESERVE-2024-1883693: + CVE-2024-5690: title: External protocol handlers leaked by timing attack impact: moderate reporter: Satoki Tsuji @@ -29,7 +29,7 @@ advisories: By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. bugs: - url: 1883693 - MFSA-RESERVE-2024-1888695: + CVE-2024-5691: title: Sandboxed iframes were able to bypass sandbox restrictions to open a new window impact: moderate reporter: Luan Herrera @@ -37,7 +37,7 @@ advisories: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. bugs: - url: 1888695 - MFSA-RESERVE-2024-1891234: + CVE-2024-5692: title: Bypass of file name restrictions during saving impact: moderate reporter: Raphael Shaniyazov @@ -45,7 +45,7 @@ advisories: On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. bugs: - url: 1891234 - MFSA-RESERVE-2024-1891319: + CVE-2024-5693: title: Cross-Origin Image leak via Offscreen Canvas impact: moderate reporter: Kirtikumar Anandrao Ramchandani @@ -53,7 +53,7 @@ advisories: Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. bugs: - url: 1891319 - MFSA-RESERVE-2024-1896555: + CVE-2024-5696: title: Memory Corruption in Text Fragments impact: moderate reporter: Irvan Kurniawan @@ -61,7 +61,7 @@ advisories: By manipulating the text in an <input> tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. bugs: - url: 1896555 - MFSA-RESERVE-2024-2: + CVE-2024-5700: title: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 impact: high reporter: The Mozilla Fuzzing Team