Fri Apr 26 2024 07:46:31 PDT
  • Classification: Client Software, Developer Infrastructure, Components, Server Software, Other
  • tracking-firefox-esr60: 67+
43 bugs found.
ID Product Comp Assignee Status Resolution Summary Updated status-firefox66 status-firefox67 status-firefox68 status-firefox-esr60 tracking-firefox-esr60 Pri Keywords
1533554 Core Widget: Win32 alex.gaynor RESO FIXE Write beyond bounds in nsClipboard::GetGlobalData() 2022-01-10 wontfix fixed fixed fixed 67+ P1 csectype-intoverflow, regression, sec-high
1538042 Core Find Backend bwerth RESO FIXE nsFind::Find uses array index -1 access when searching for the null character 2020-06-04 wontfix fixed fixed fixed 67+ P1 crash, csectype-bounds, regression, sec-high, testcase
1535612 Core CSS Parsing and Comp emilio RESO FIXE SUMMARY: AddressSanitizer: heap-use-after-free /builds/worker/workspace/build/src/obj-firefox/dist/include/nsWrapperCache.h:162:12 in GetWrapperMaybeDead 2020-06-04 wontfix fixed fixed fixed 67+ P1 crash, csectype-uaf, sec-high, testcase
1542581 Toolkit Crash Reporting gsvelto RESO FIXE Race condition in google_breakpad::CrashGenerationServer::AddClient leading to UAF write in broker (Sandbox escape / LPE) 2022-01-10 wontfix fixed fixed fixed 67+ P1 csectype-race, csectype-sandbox-escape, regression, sec-high
1544386 Core JavaScript Engine: J jdemooij RESO FIXE Spidermonkey: IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusions 2020-11-03 --- fixed fixed fixed 67+ P1 csectype-jit, sec-critical
1546327 Core JavaScript Engine jdemooij RESO FIXE Bytecode length can overflow UINT32_MAX 2020-06-04 wontfix fixed fixed fixed 67+ P1 csectype-intoverflow, sec-high
1516325 Core Networking jld RESO FIXE Crash in poll 2020-06-04 wontfix fixed fixed fixed 67+ P1 crash, csectype-bounds, sec-high, testcase-wanted
1499108 Core Storage: IndexedDB jvarga RESO FIXE AddressSanitizer: heap-use-after-free [@ fetch_add] with WRITE of size 8 2020-06-04 wontfix fixed fixed fixed 67+ P1 crash, csectype-uaf, sec-high, testcase-wanted
1499719 Core Storage: IndexedDB jvarga RESO FIXE AddressSanitizer: heap-use-after-free [@ isSome] with READ of size 1 2020-06-04 wontfix fixed fixed fixed 67+ P1 crash, csectype-uaf, sec-high, testcase-wanted
1538619 Core Storage: IndexedDB jvarga RESO FIXE TransactionDatabaseOperationBase::SendFailureResult not called if the actor has been destroyed 2020-06-04 wontfix fixed fixed fixed 67+ P1 csectype-uaf, sec-high
1542097 Core Audio/Video: Playbac jya-moz RESO FIXE heap-buffer-overflow in [@ mozilla::AudioConverter::DownmixAudio] 2020-06-04 wontfix fixed fixed fixed 67+ P1 crash, csectype-bounds, sec-high, testcase
1559858 Firefox Security mail RESO FIXE Sending `Prompt:Open` from the child allows for a sandbox escape 2021-10-20 --- --- fixed fixed 67+ P1 csectype-priv-escalation, csectype-sandbox-escape, sec-high
1543617 Firefox Bookmarks & History mak RESO FIXE Disallow place: urls in text flavors 2019-04-22 wontfix verified verified fixed 67+ P1
1536768 Core JavaScript Engine: J mgaudet RESO FIXE IonMonkey: unexpected ObjectGroup in ObjectGroupDispatch operation might lead to potentially unsafe code being executed 2020-11-03 wontfix fixed fixed fixed 67+ P1 sec-high
1551852 Firefox General nobody RESO WORK Cannot load candidate resources on Youtube 2019-07-03 unaffected unaffected unaffected fixed 67+ P1 regression, regressionwindow-wanted
1544670 Core DOM: Core & HTML smaug RESO FIXE heap-use-after-free in mozilla::dom::WakeLock::Release 2020-06-23 wontfix fixed fixed fixed 67+ P1 csectype-uaf, regression, sec-high
1532525 Core Graphics: CanvasWebG sotaro.ikeda.g RESO FIXE could be trigger oom problem with WebGLBuffer::BufferData 2020-06-04 wontfix fixed fixed fixed 67+ P1 csectype-intoverflow, sec-high
1541580 Core JavaScript Engine tcampbell RESO FIXE OOM during ProxyObject create leaves partially initialized object in GC 2022-01-07 wontfix fixed fixed fixed 67+ P1 csectype-uninitialized, regression, sec-high
1502799 Core DOM: Core & HTML amarchesini RESO FIXE Implement origin-clean algorithm for ImageBitmap 2019-06-27 --- --- --- fixed 67+ P2
1534196 Core Security: Process Sa bobowencode RESO FIXE information disclosure due to an incorrect return value in `FileSystemPolicy::OpenFileAction` 2020-06-04 wontfix fixed fixed fixed 67+ P2 csectype-disclosure, sec-moderate
1540136 Core Audio/Video: GMP brycebugemail RESO FIXE AddressSanitizer: heap-use-after-free [@ mozilla::gmp::ChromiumCDMParent::Shutdown] with READ of size 8 2020-06-04 wontfix fixed fixed fixed 67+ P2 crash, csectype-race, sec-high, testcase-wanted
1532465 Core WebRTC: Audio/Video dminor RESO FIXE Use after free and undefined behavior in MediaType 2020-06-22 wontfix fixed fixed fixed 67+ P2 csectype-uaf, sec-moderate
1535194 Core JavaScript: WebAssem lhansen RESO FIXE Silent overflow in diffB during far jump setup leads to branch-to-wild-location 2020-06-04 wontfix fixed fixed fixed 67+ P2 assertion, bugmon, csectype-other, sec-critical, testcase
1538736 Core Graphics: Layers nical.bugzilla RESO FIXE AddressSanitizer: heap-use-after-free [@ Manager] with READ of size 8 2020-06-04 wontfix fixed fixed fixed 67+ P2 crash, csectype-uaf, sec-high, testcase-wanted
1528909 Core Graphics: Canvas2D amarchesini RESO FIXE ImageBitmap drawn to canvases, does not affect taint 2022-01-10 fixed fixed --- fixed 67+ -- csectype-sop, regression, sec-high
1543641 Core JavaScript: Internat andrebargull RESO FIXE Consider applying Reiwa patches for ICU63 (Beta) and ICU60 (ESR) 2019-05-15 --- fixed fixed fixed 67+ --
1542324 Toolkit Find Toolbar bwerth RESO FIXE global-buffer-overflow in [@ nsFind::Find] 2020-06-04 --- fixed fixed fixed 67+ -- csectype-bounds, sec-high, testcase
1534593 Core DOM: Bindings (WebID bzbarsky RESO FIXE Intermittent PROCESS-CRASH | Main app process exited normally | application crashed [@ js::TenuringTracer::traverse<JSObject>(JSObject**)] 2020-06-04 wontfix fixed fixed fixed 67+ -- crash, csectype-uninitialized, intermittent-failure, sec-high
1542465 Core DOM: Core & HTML docfaraday RESO FIXE use-after-free in mozilla::dom::XMLHttpRequestMainThread::DispatchProgressEvent 2020-06-04 wontfix fixed fixed fixed 67+ -- csectype-uaf, sec-high
1546544 Core DOM: Workers haftandilian RESO FIXE macOS: disable hyperthreading on threads that run content JS 2022-02-18 wontfix fixed fixed fixed 67+ -- csectype-other, sec-high
1559845 Core JavaScript Engine: J jdemooij RESO FIXE Firefox breakout observed in the wild 2020-06-04 --- fixed fixed fixed 67+ -- sec-critical
1535518 Core Graphics lsalzman RESO FIXE Possible out of bounds read in Skia 2020-08-08 unaffected unaffected unaffected fixed 67+ -- csectype-bounds, sec-moderate
1542829 Core Graphics: ImageLib ryanvm RESO FIXE libpng use-after-free in png_image_free 2020-06-04 wontfix fixed fixed fixed 67+ -- csectype-uaf, sec-high
1540166 Core XPCOM smaug RESO FIXE Don't run forgetSkippable during SnowWhiteFreeing 2020-06-04 wontfix fixed fixed fixed 67+ -- sec-high
1546836 Core Security: Process Sa haftandilian VERI FIXE Video Playback Issues on macOS Version 10.14.5 Beta 2020-05-26 wontfix verified verified verified 67+ P1
1521370 Core Audio/Video: Playbac jya-moz VERI FIXE Reproducible tab crashes after update to Windows 10 1809 2021-02-22 verified verified --- verified 67+ P1 crash
1543191 Firefox Bookmarks & History mak VERI FIXE Stealing history data using places querying and drag and drop 2020-06-04 wontfix verified verified verified 67+ P1 csectype-disclosure, sec-moderate
1532761 Firefox Search mozilla VERI FIXE visibleDefaultEngines ignored error on beta with browser.search.log 2022-01-10 verified verified --- fixed 67+ P1 regression
1532553 Core DOM: Service Workers amarchesini VERI FIXE Compartment mismatch in APIUnwrapAndDowncast<js::ReadableStream> 2022-01-10 wontfix verified verified fixed 67+ P2 regression, sec-high
1484980 WebExtensions Frontend tomica VERI FIXE Canvas toDataURL doesn't work with loaded images on WebExtensions content scripts 2019-05-14 --- --- --- fixed 67+ P3
1526218 Core Graphics: Canvas2D amarchesini VERI FIXE Tainted canvases can be rendered in a bitmap context 2022-01-10 verified verified --- fixed 67+ -- csectype-sop, regression, sec-high
1540221 Core Graphics: Canvas2D amarchesini VERI FIXE Security: Cross-origin theft of images in fillText and CanvasPattern 2020-06-04 wontfix verified verified verified 67+ -- csectype-sop, sec-high
1536405 Core DOM: Navigation nika VERI FIXE heap-use-after-free in nsDocShell::GetChromeEventHandler 2020-06-04 wontfix verified verified fixed 67+ -- csectype-uaf, sec-high
43 bugs found.
REST | CSV | Feed | iCalendar
Change Columns 		Edit Search
as