firefox vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:128.2.0-1.el8_10
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • H
Improperly Implemented Security Check for Standard

<0:128.2.0-1.el8_10
  • H
Incorrect Type Conversion or Cast

<0:128.2.0-1.el8_10
  • H
Out-of-bounds Write

<0:128.2.0-1.el8_10
  • H
Missing Authorization

<0:128.2.0-1.el8_10
  • H
Buffer Overflow

<0:128.2.0-1.el8_10
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:128.2.0-1.el8_10
  • H
Exposure of System Data to an Unauthorized Control Sphere

<0:128.2.0-1.el8_10
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:115.14.0-2.el8_10
  • H
Use After Free

<0:115.14.0-2.el8_10
  • H
Out-of-bounds Write

<0:115.14.0-2.el8_10
  • H
Use After Free

<0:115.14.0-2.el8_10
  • H
CVE-2024-7529

<0:115.14.0-2.el8_10
  • H
Use After Free

<0:115.14.0-2.el8_10
  • H
Out-of-bounds Read

<0:115.14.0-2.el8_10
  • H
Cross-site Scripting (XSS)

<0:115.14.0-2.el8_10
  • H
Use of Uninitialized Resource

<0:115.14.0-2.el8_10
  • H
Improper Privilege Management

<0:115.14.0-2.el8_10
  • H
CVE-2024-7518

<0:115.14.0-2.el8_10
  • H
Out-of-Bounds

<0:115.13.0-3.el8_10
  • H
Improper Preservation of Permissions

<0:115.13.0-3.el8_10
  • H
Buffer Overflow

<0:115.13.0-3.el8_10
  • M
Improper Input Validation

*
  • H
Buffer Overflow

<0:115.12.0-1.el8_10
  • H
Improper Access Control

<0:115.12.0-1.el8_10
  • H
Use After Free

<0:115.12.0-1.el8_10
  • H
Covert Timing Channel

<0:115.12.0-1.el8_10
  • H
Improper Validation of Specified Type of Input

<0:115.12.0-1.el8_10
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:115.12.0-1.el8_10
  • H
Use After Free

<0:115.12.0-1.el8_10
  • M
Integer Overflow or Wraparound

*
  • M
Improper Check for Unusual or Exceptional Conditions

<0:115.11.0-1.el8_10
  • M
User Interface (UI) Misrepresentation of Critical Information

<0:115.11.0-1.el8_10
  • M
Improper Cross-boundary Removal of Sensitive Data

<0:115.11.0-1.el8_10
  • M
Buffer Overflow

<0:115.11.0-1.el8_10
  • M
Inclusion of Functionality from Untrusted Control Sphere

<0:115.11.0-1.el8_10
  • M
Use After Free

<0:115.11.0-1.el8_10
  • H
Resource Exhaustion

<0:115.10.0-1.el8_9
  • H
Use After Free

<0:115.10.0-1.el8_9
  • H
Out-of-bounds Read

<0:115.10.0-1.el8_9
  • H
Integer Overflow or Wraparound

<0:115.10.0-1.el8_9
  • H
Use After Free

<0:115.10.0-1.el8_9
  • H
Buffer Overflow

<0:115.10.0-1.el8_9
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:115.10.0-1.el8_9
  • H
Product UI does not Warn User of Unsafe Actions

<0:115.10.0-1.el8_9
  • C
Arbitrary Code Injection

<0:115.9.1-1.el8_9
  • C
The UI Performs the Wrong Action

<0:115.9.1-1.el8_9
  • C
Information Exposure

<0:115.9.1-1.el8_9
  • C
Use After Free

<0:115.9.1-1.el8_9
  • C
Integer Overflow or Wraparound

<0:115.9.1-1.el8_9
  • C
CVE-2024-2616

<0:115.9.1-1.el8_9
  • C
Cross-site Scripting (XSS)

<0:115.9.1-1.el8_9
  • C
Buffer Overflow

<0:115.9.1-1.el8_9
  • C
Register Interface Allows Software Access to Sensitive Data or Security Settings

<0:115.9.1-1.el8_9
  • H
Incorrect Conversion between Numeric Types

<0:115.8.0-1.el8_9
  • H
Arbitrary Code Injection

<0:115.8.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.8.0-1.el8_9
  • H
Buffer Overflow

<0:115.8.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.8.0-1.el8_9
  • H
Out-of-bounds Read

<0:115.8.0-1.el8_9
  • H
The UI Performs the Wrong Action

<0:115.8.0-1.el8_9
  • H
The UI Performs the Wrong Action

<0:115.8.0-1.el8_9
  • M
Resource Exhaustion

*
  • M
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.7.0-1.el8_9
  • H
Out-of-bounds Write

<0:115.7.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.7.0-1.el8_9
  • C
Unchecked Return Value

<0:115.9.1-1.el8_9
  • H
Improper Input Validation

<0:115.7.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.7.0-1.el8_9
  • H
Inadequate Encryption Strength

<0:115.7.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.7.0-1.el8_9
  • H
Buffer Overflow

<0:115.7.0-1.el8_9
  • H
Improper Input Validation

<0:115.7.0-1.el8_9
  • M
Information Exposure

*
  • H
Heap-based Buffer Overflow

<0:115.6.0-1.el8_9
  • H
Improper Input Validation

<0:115.6.0-1.el8_9
  • H
Improper Input Validation

<0:115.6.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.6.0-1.el8_9
  • H
Use After Free

<0:115.6.0-1.el8_9
  • H
Use of Uninitialized Resource

<0:115.6.0-1.el8_9
  • H
Race Condition

<0:115.6.0-1.el8_9
  • H
Heap-based Buffer Overflow

<0:115.6.0-1.el8_9
  • H
Buffer Overflow

<0:115.6.0-1.el8_9
  • H
Heap-based Buffer Overflow

<0:115.6.0-1.el8_9
  • H
Use After Free

<0:115.6.0-1.el8_9
  • H
Buffer Overflow

<0:115.5.0-1.el8_9
  • H
Use After Free

<0:115.5.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.5.0-1.el8_9
  • H
Directory Traversal

<0:115.5.0-1.el8_9
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.5.0-1.el8_9
  • H
Use After Free

<0:115.5.0-1.el8_9
  • H
Out-of-bounds Read

<0:115.5.0-1.el8_9
  • H
Buffer Overflow

<0:115.4.0-1.el8_8
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.4.0-1.el8_8
  • H
Product UI does not Warn User of Unsafe Actions

<0:115.4.0-1.el8_8
  • H
Multiple Interpretations of UI Input

<0:115.4.0-1.el8_8
  • H
Open Redirect

<0:115.4.0-1.el8_8
  • H
Memory Leak

<0:115.4.0-1.el8_8
  • H
Improper Handling of Exceptional Conditions

<0:115.4.0-1.el8_8
  • H
Out-of-Bounds

<0:115.3.1-1.el8_8
  • H
Heap-based Buffer Overflow

<0:102.15.1-1.el8_8
  • H
Buffer Overflow

<0:115.3.1-1.el8_8
  • H
Use After Free

<0:115.3.1-1.el8_8
  • H
Out-of-bounds Write

<0:115.3.1-1.el8_8
  • H
Heap-based Buffer Overflow

<0:102.15.1-1.el8_8
  • H
Resource Exhaustion

<0:102.15.0-1.el8_8
  • H
Information Exposure

<0:102.15.0-1.el8_8
  • H
Use After Free

<0:102.15.0-1.el8_8
  • H
Compilation with Insufficient Warnings or Errors

<0:102.15.0-1.el8_8
  • H
Use After Free

<0:102.15.0-1.el8_8
  • H
Use After Free

<0:102.15.0-1.el8_8
  • H
Buffer Overflow

<0:102.15.0-1.el8_8
  • H
Out-of-Bounds

<0:102.15.0-1.el8_8
  • H
Buffer Overflow

<0:102.15.0-1.el8_8
  • H
Incorrect Behavior Order: Early Validation

<0:102.15.0-1.el8_8
  • H
Authentication Bypass

<0:102.15.0-1.el8_8
  • H
Authentication Bypass

<0:102.15.0-1.el8_8
  • H
Reliance on Cookies without Validation and Integrity Checking in a Security Decision

<0:102.14.0-1.el8_8
  • H
Buffer Overflow

<0:102.14.0-1.el8_8
  • H
Improper Handling of Insufficient Permissions or Privileges

<0:102.14.0-1.el8_8
  • H
Race Condition

<0:102.14.0-1.el8_8
  • H
Out-of-bounds Read

<0:102.14.0-1.el8_8
  • H
Improper Input Validation

<0:102.14.0-1.el8_8
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:102.14.0-1.el8_8
  • H
Buffer Overflow

<0:102.14.0-1.el8_8
  • H
Buffer Overflow

<0:102.14.0-1.el8_8
  • H
Use After Free

<0:115.3.1-1.el8_8
  • H
Authentication Bypass

<0:102.13.0-2.el8_8
  • H
Use After Free

<0:102.13.0-2.el8_8
  • H
Compilation with Insufficient Warnings or Errors

<0:102.13.0-2.el8_8
  • H
Use After Free

<0:102.13.0-2.el8_8
  • H
Buffer Overflow

<0:102.13.0-2.el8_8
  • M
Resource Exhaustion

*
  • H
Buffer Overflow

<0:102.12.0-1.el8_8
  • H
The UI Performs the Wrong Action

<0:102.12.0-1.el8_8
  • H
Buffer Overflow

<0:102.11.0-2.el8_7
  • H
Improper Handling of Insufficient Permissions or Privileges

<0:102.11.0-2.el8_7
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:102.11.0-2.el8_7
  • H
Use of Uninitialized Variable

<0:102.11.0-2.el8_7
  • H
Out-of-bounds Read

<0:102.11.0-2.el8_7
  • H
Insufficient Verification of Data Authenticity

<0:102.11.0-2.el8_7
  • H
Resource Exhaustion

<0:102.11.0-2.el8_7
  • H
Double Free

<0:102.10.0-1.el8_7
  • H
Incorrect Calculation

<0:102.10.0-1.el8_7
  • H
Direct Request ('Forced Browsing')

<0:102.10.0-1.el8_7
  • H
Failure to Sanitize Special Element

<0:102.10.0-1.el8_7
  • H
Unrestricted Upload of File with Dangerous Type

<0:102.10.0-1.el8_7
  • H
Buffer Overflow

<0:102.10.0-1.el8_7
  • H
Reachable Assertion

<0:102.10.0-1.el8_7
  • H
Out-of-Bounds

<0:102.10.0-1.el8_7
  • H
Out-of-Bounds

<0:102.10.0-1.el8_7
  • M
Inefficient Regular Expression Complexity

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:102.9.0-3.el8_7
  • H
Incorrect Type Conversion or Cast

<0:102.9.0-3.el8_7
  • H
Out-of-bounds Read

<0:102.9.0-3.el8_7
  • H
Buffer Overflow

<0:102.9.0-3.el8_7
  • H
Arbitrary Code Injection

<0:102.9.0-3.el8_7
  • H
Use After Free

<0:102.8.0-2.el8_7
  • H
Improper Handling of Alternate Encoding

<0:102.8.0-2.el8_7
  • H
Insufficient UI Warning of Dangerous Operations

<0:102.8.0-2.el8_7
  • H
Buffer Overflow

<0:102.8.0-2.el8_7
  • H
Cross-site Scripting (XSS)

<0:102.8.0-2.el8_7
  • H
Use After Free

<0:102.8.0-2.el8_7
  • H
Incorrect Type Conversion or Cast

<0:102.8.0-2.el8_7
  • H
Incorrect Synchronization

<0:102.8.0-2.el8_7
  • H
Out-of-bounds Write

<0:102.8.0-2.el8_7
  • H
Buffer Overflow

<0:102.8.0-2.el8_7
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.8.0-2.el8_7
  • H
Buffer Overflow

<0:102.7.0-1.el8_7
  • H
CVE-2023-23602

<0:102.7.0-1.el8_7
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:102.7.0-1.el8_7
  • H
Incorrect Regular Expression

<0:102.7.0-1.el8_7
  • H
Arbitrary Command Injection

<0:102.7.0-1.el8_7
  • H
Use of Unmaintained Third Party Components

<0:102.7.0-1.el8_7
  • H
Multiple Interpretations of UI Input

<0:102.7.0-1.el8_7
  • H
Insufficient UI Warning of Dangerous Operations

<0:102.7.0-1.el8_7
  • H
Buffer Overflow

<0:91.4.0-1.el8_5
  • H
Out-of-Bounds

<0:78.9.0-1.el8_3
  • H
Out-of-bounds Read

*
  • H
Truncation of Security-relevant Information

<0:102.6.0-1.el8_7
  • H
Out-of-Bounds

<0:102.6.0-1.el8_7
  • H
Use After Free

<0:102.6.0-1.el8_7
  • H
Buffer Overflow

<0:102.6.0-1.el8_7
  • H
Use After Free

<0:102.6.0-1.el8_7
  • H
Information Exposure

<0:102.6.0-1.el8_7
  • H
Use After Free

<0:102.5.0-1.el8_7
  • H
Buffer Overflow

<0:102.5.0-1.el8_7
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:102.5.0-1.el8_7
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.5.0-1.el8_7
  • H
Information Exposure

<0:102.5.0-1.el8_7
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.5.0-1.el8_7
  • H
Information Exposure

<0:102.5.0-1.el8_7
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.5.0-1.el8_7
  • H
Sensitive Cookie with Improper SameSite Attribute

<0:102.5.0-1.el8_7
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.5.0-1.el8_7
  • H
Use After Free

<0:102.5.0-1.el8_7
  • H
Use After Free

<0:102.5.0-1.el8_7
  • H
Cross-site Scripting (XSS)

<0:102.5.0-1.el8_7
  • M
Use After Free

*
  • H
Resource Exhaustion

<0:102.4.0-1.el8_6
  • H
Buffer Overflow

<0:102.4.0-1.el8_6
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:102.4.0-1.el8_6
  • H
Buffer Overflow

<0:102.4.0-1.el8_6
  • H
Use After Free

*
  • H
Buffer Overflow

<0:102.3.0-6.el8_6
  • H
Use After Free

<0:102.3.0-6.el8_6
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.3.0-6.el8_6
  • H
Improper Handling of Inconsistent Structural Elements

<0:102.3.0-6.el8_6
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.3.0-6.el8_6
  • H
Reliance on Cookies without Validation and Integrity Checking in a Security Decision

<0:102.3.0-6.el8_6
  • H
Buffer Overflow

<0:91.13.0-1.el8_6
  • H
Product UI does not Warn User of Unsafe Actions

<0:91.13.0-1.el8_6
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.13.0-1.el8_6
  • H
Buffer Overflow

<0:91.13.0-1.el8_6
  • H
Use After Free

<0:91.13.0-1.el8_6
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.12.0-2.el8_6
  • H
Cross-site Scripting (XSS)

<0:91.12.0-2.el8_6
  • H
Buffer Overflow

<0:91.12.0-2.el8_6
  • H
Return of Wrong Status Code

<0:91.11.0-2.el8_6
  • H
Integer Overflow or Wraparound

<0:91.11.0-2.el8_6
  • H
Buffer Overflow

<0:91.11.0-2.el8_6
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.11.0-2.el8_6
  • H
Cross-site Scripting (XSS)

<0:91.11.0-2.el8_6
  • H
Use After Free

<0:91.11.0-2.el8_6
  • H
Cross-site Scripting (XSS)

<0:91.11.0-2.el8_6
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<0:91.11.0-2.el8_6
  • L
Cross-site Scripting (XSS)

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:91.10.0-1.el8_6
  • H
Buffer Overflow

<0:91.10.0-1.el8_6
  • H
Allocation of Resources Without Limits or Throttling

<0:91.10.0-1.el8_6
  • H
Use of Uninitialized Variable

<0:91.10.0-1.el8_6
  • H
Buffer Overflow

<0:91.10.0-1.el8_6
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.10.0-1.el8_6
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:91.10.0-1.el8_6
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:91.9.1-1.el8_6
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:91.9.1-1.el8_6
  • M
Resource Exhaustion

*
  • H
Buffer Overflow

<0:91.9.0-1.el8_5
  • H
Exposure of System Data to an Unauthorized Control Sphere

<0:91.9.0-1.el8_5
  • H
Reliance on Cookies without Validation and Integrity Checking

<0:91.9.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.9.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.9.0-1.el8_5
  • H
Improper Preservation of Permissions

<0:91.9.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.8.0-1.el8_5
  • H
Out-of-bounds Write

<0:91.8.0-1.el8_5
  • H
Out-of-bounds Read

<0:91.8.0-1.el8_5
  • H
Buffer Overflow

<0:91.8.0-1.el8_5
  • H
Use After Free

<0:91.8.0-1.el8_5
  • H
Resource Exhaustion

<0:91.8.0-1.el8_5
  • H
Use After Free

<0:91.8.0-1.el8_5
  • H
Use After Free

<0:91.8.0-1.el8_5
  • C
Time-of-check Time-of-use (TOCTOU)

<0:91.7.0-3.el8_5
  • C
Improper Preservation of Permissions

<0:91.7.0-3.el8_5
  • C
The UI Performs the Wrong Action

<0:91.7.0-3.el8_5
  • C
Use After Free

<0:91.7.0-3.el8_5
  • C
Incorrect Behavior Order: Early Validation

<0:91.7.0-3.el8_5
  • C
Use After Free

<0:91.7.0-3.el8_5
  • C
Use After Free

<0:91.7.0-3.el8_5
  • H
Use After Free

<0:91.3.0-1.el8_4
  • H
Buffer Overflow

<0:91.3.0-1.el8_4
  • H
Incorrect Behavior Order: Early Validation

*
  • M
Resource Exhaustion

*
  • C
Integer Overflow or Wraparound

<0:91.7.0-3.el8_5
  • C
Inappropriate Encoding for Output Context

<0:91.7.0-3.el8_5
  • H
Buffer Overflow

<0:91.6.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.6.0-1.el8_5
  • H
Arbitrary Code Injection

<0:91.6.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.6.0-1.el8_5
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:91.6.0-1.el8_5
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:91.6.0-1.el8_5
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:91.6.0-1.el8_5
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Incorrect Calculation

*
  • M
Integer Overflow or Wraparound

*
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:91.5.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.5.0-1.el8_5
  • H
Buffer Overflow

<0:91.5.0-1.el8_5
  • H
Buffer Overflow

<0:91.5.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.5.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.5.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.5.0-1.el8_5
  • H
NULL Pointer Dereference

<0:91.5.0-1.el8_5
  • H
Use After Free

<0:91.5.0-1.el8_5
  • H
Buffer Overflow

<0:91.5.0-1.el8_5
  • H
Use After Free

<0:91.5.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.5.0-1.el8_5
  • H
Cross-site Scripting (XSS)

<0:91.4.0-1.el8_5
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:91.4.0-1.el8_5
  • H
Buffer Overflow

<0:91.4.0-1.el8_5
  • H
Unquoted Search Path or Element

<0:91.4.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.4.0-1.el8_5
  • H
Information Exposure

<0:91.4.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.4.0-1.el8_5
  • H
Use After Free

<0:91.4.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.4.0-1.el8_5
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.3.0-1.el8_4
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:91.3.0-1.el8_4
  • H
Incorrect Permission Assignment for Critical Resource

<0:91.3.0-1.el8_4
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.3.0-1.el8_4
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.3.0-1.el8_4
  • H
Use After Free

<0:91.3.0-1.el8_4
  • H
Buffer Overflow

<0:91.2.0-4.el8_4
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:91.2.0-4.el8_4
  • H
Use After Free

<0:91.2.0-4.el8_4
  • H
Buffer Overflow

<0:91.2.0-4.el8_4
  • H
Use After Free

<0:91.2.0-4.el8_4
  • M
Information Exposure

*
  • H
Out-of-Bounds

<0:91.2.0-4.el8_4
  • H
Buffer Overflow

<0:78.14.0-1.el8_4
  • H
Cross-site Scripting (XSS)

*
  • H
Out-of-Bounds

<0:78.13.0-2.el8_4
  • H
Time-of-check Time-of-use (TOCTOU)

<0:78.13.0-2.el8_4
  • H
Use After Free

<0:78.13.0-2.el8_4
  • H
Use of Uninitialized Resource

<0:78.13.0-2.el8_4
  • H
Use After Free

<0:78.13.0-2.el8_4
  • H
Buffer Overflow

<0:78.13.0-2.el8_4
  • C
Use After Free

<0:78.4.1-1.el8_3
  • H
Improper Cross-boundary Removal of Sensitive Data

<0:78.5.0-1.el8_3
  • H
Improper Validation of Integrity Check Value

<0:78.5.0-1.el8_3
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:78.5.0-1.el8_3
  • H
Buffer Overflow

<0:78.5.0-1.el8_3
  • H
Improperly Implemented Security Check for Standard

<0:78.5.0-1.el8_3
  • H
Use After Free

<0:78.5.0-1.el8_3
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:78.5.0-1.el8_3
  • H
Use After Free

<0:78.5.0-1.el8_3
  • H
Cross-site Scripting (XSS)

<0:78.5.0-1.el8_3
  • H
Cross-site Scripting (XSS)

<0:78.5.0-1.el8_3
  • H
Open Redirect

<0:78.3.0-1.el8_2
  • H
Use After Free

<0:78.3.0-1.el8_2
  • H
Cross-site Scripting (XSS)

<0:78.3.0-1.el8_2
  • H
Buffer Overflow

<0:78.4.0-1.el8_2
  • H
Use After Free

<0:78.4.0-1.el8_2
  • H
Buffer Overflow

<0:78.3.0-1.el8_2
  • H
Use After Free

<0:78.2.0-2.el8_2
  • H
Use After Free

<0:68.11.0-1.el8_2
  • H
Incorrect Use of Privileged APIs

<0:78.2.0-2.el8_2
  • H
Improper Following of a Certificate's Chain of Trust

<0:68.10.0-1.el8_2
  • H
Buffer Overflow

<0:68.11.0-1.el8_2
  • H
Information Exposure

<0:68.11.0-1.el8_2
  • H
CVE-2020-6514

<0:68.11.0-1.el8_2
  • H
Information Exposure

<0:68.10.0-1.el8_2
  • H
Out-of-Bounds

<0:68.10.0-1.el8_2
  • C
Use After Free

<0:68.8.0-1.el8_2
  • H
Use After Free

<0:68.9.0-1.el8_2
  • H
Buffer Overflow

<0:68.9.0-1.el8_2
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:68.9.0-1.el8_2
  • C
Files or Directories Accessible to External Parties

<0:68.8.0-1.el8_2
  • H
Use After Free

<0:68.10.0-1.el8_2
  • H
Use After Free

<0:68.10.0-1.el8_2
  • C
Buffer Overflow

<0:68.8.0-1.el8_2
  • C
Buffer Overflow

<0:68.8.0-1.el8_2
  • H
Use After Free

<0:78.12.0-1.el8_4
  • H
Out-of-bounds Write

<0:78.12.0-1.el8_4
  • H
NULL Pointer Dereference

<0:78.10.0-1.el8_3
  • H
Arbitrary Argument Injection

<0:78.10.0-1.el8_3
  • H
Information Exposure

<0:78.9.0-1.el8_3
  • H
Integer Overflow or Wraparound

<0:78.10.0-1.el8_3
  • C
Information Exposure

<0:78.8.0-1.el8_3
  • H
Null Byte Interaction Error (Poison Null Byte)

<0:78.7.0-2.el8_3
  • H
Improper Preservation of Permissions

<0:78.10.0-1.el8_3
  • C
Use After Free

<0:68.6.1-1.el8_1
  • C
Buffer Overflow

<0:78.8.0-1.el8_3
  • C
Use After Free

<0:68.6.1-1.el8_1
  • H
Improper Preservation of Permissions

<0:78.10.0-1.el8_3
  • H
Buffer Overflow

<0:78.11.0-3.el8_4
  • H
Improper Input Validation

<0:68.6.0-1.el8_1
  • H
Out-of-Bounds

<0:68.7.0-2.el8_1
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:78.7.0-2.el8_3
  • H
Out-of-bounds Read

<0:78.9.0-1.el8_3
  • H
Buffer Overflow

<0:78.9.0-1.el8_3
  • H
Information Exposure

<0:68.6.0-1.el8_1
  • H
Information Exposure

<0:78.10.0-1.el8_3
  • H
Out-of-bounds Read

<0:68.6.0-1.el8_1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:78.7.0-2.el8_3
  • H
Use After Free

<0:68.6.0-1.el8_1
  • H
Buffer Overflow

<0:68.6.0-1.el8_1
  • H
Buffer Overflow

<0:78.12.0-1.el8_4
  • H
Out-of-bounds Write

<0:68.5.0-2.el8_1
  • H
Out-of-Bounds

<0:68.7.0-2.el8_1
  • H
Buffer Overflow

<0:68.7.0-2.el8_1
  • H
Use After Free

<0:78.10.0-1.el8_3
  • H
Out-of-bounds Write

<0:78.10.0-1.el8_3
  • C
Information Exposure

<0:78.8.0-1.el8_3
  • H
Buffer Overflow

<0:78.7.0-2.el8_3
  • C
Information Exposure

<0:78.8.0-1.el8_3
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:78.9.0-1.el8_3
  • H
Cross-site Scripting (XSS)

<0:68.5.0-2.el8_1
  • H
Buffer Overflow

<0:78.6.0-1.el8_3
  • C
Cross-site Scripting (XSS)

<0:68.4.1-1.el8_1
  • H
Use After Free

<0:68.6.0-1.el8_1
  • H
Out-of-bounds Read

<0:68.6.0-1.el8_1
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:68.4.1-1.el8_1
  • H
Buffer Overflow

<0:68.5.0-2.el8_1
  • C
Cross-site Scripting (XSS)

<0:68.4.1-1.el8_1
  • H
Information Exposure

<0:78.6.0-1.el8_3
  • C
Buffer Overflow

<0:68.4.1-1.el8_1
  • C
Buffer Overflow

<0:68.3.0-1.el8_1
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:68.4.1-1.el8_1
  • H
Information Exposure

<0:78.6.0-1.el8_3
  • C
Use After Free

<0:68.3.0-1.el8_1
  • H
Information Exposure

<0:78.7.0-2.el8_3
  • C
Buffer Overflow

<0:68.3.0-1.el8_1
  • C
Use After Free

<0:68.3.0-1.el8_1
  • C
Use After Free

<0:68.3.0-1.el8_1
  • H
Improper Input Validation

<0:78.6.0-1.el8_3
  • H
Buffer Overflow

<0:78.6.0-1.el8_3
  • H
Use After Free

<0:78.6.0-1.el8_3
  • H
Improper Neutralization of Special Elements

<0:78.2.0-2.el8_2
  • C
Use After Free

<0:78.6.1-1.el8_3
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:78.2.0-2.el8_2
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:78.2.0-2.el8_2
  • H
Information Exposure

<0:78.6.0-1.el8_3
  • H
Incorrect Default Permissions

<0:78.2.0-2.el8_2
  • H
Out-of-bounds Read

<0:78.2.0-2.el8_2
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:78.2.0-2.el8_2
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:78.2.0-2.el8_2
  • H
Integer Overflow or Wraparound

<0:78.2.0-2.el8_2
  • M
Resource Exhaustion

*
  • C
Heap-based Buffer Overflow

<0:68.2.0-2.el8_0
  • C
Use After Free

<0:68.2.0-2.el8_0
  • C
Buffer Overflow

<0:68.2.0-2.el8_0
  • C
Buffer Overflow

<0:68.2.0-2.el8_0
  • C
Heap-based Buffer Overflow

<0:68.2.0-2.el8_0
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:68.2.0-2.el8_0
  • C
Exposed Dangerous Method or Function

<0:68.2.0-2.el8_0
  • C
Cross-site Scripting (XSS)

<0:68.2.0-2.el8_0
  • C
Buffer Overflow

<0:68.2.0-2.el8_0
  • H
Use After Free

<0:68.1.0-1.el8_0
  • H
Buffer Overflow

<0:68.1.0-1.el8_0
  • H
Missing Authorization

<0:68.1.0-1.el8_0
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:68.1.0-1.el8_0
  • H
Cross-site Scripting (XSS)

<0:68.1.0-1.el8_0
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:68.1.0-1.el8_0
  • H
Use After Free

<0:68.1.0-1.el8_0
  • H
Execution with Unnecessary Privileges

<0:68.1.0-1.el8_0
  • H
Buffer Overflow

<0:68.1.0-1.el8_0
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:68.1.0-1.el8_0
  • H
Improperly Implemented Security Check for Standard

<0:68.1.0-1.el8_0
  • H
Information Exposure

<0:68.1.0-1.el8_0
  • H
Incorrect Permission Assignment for Critical Resource

<0:68.1.0-1.el8_0
  • H
Improperly Implemented Security Check for Standard

<0:68.1.0-1.el8_0
  • C
Reliance on Untrusted Inputs in a Security Decision

<0:60.8.0-1.el8_0
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.7.2-3.el8_0
  • C
Privilege Context Switching Error

<0:60.7.2-3.el8_0
  • C
Use After Free

<0:60.8.0-1.el8_0
  • C
Buffer Overflow

<0:60.8.0-1.el8_0
  • C
Cross-site Scripting (XSS)

<0:60.8.0-1.el8_0
  • C
Improper Cross-boundary Removal of Sensitive Data

<0:60.8.0-1.el8_0
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.8.0-1.el8_0
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.8.0-1.el8_0
  • C
Improper Neutralization of Special Elements

<0:60.8.0-1.el8_0
  • C
Resource Exhaustion

<0:60.7.0-1.el8_0
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.7.0-1.el8_0
  • C
Unsynchronized Access to Shared Data in a Multithreaded Context

<0:60.7.0-1.el8_0
  • C
Buffer Overflow

<0:60.7.0-1.el8_0
  • C
Use After Free

<0:60.7.0-1.el8_0
  • C
Use After Free

<0:60.7.0-1.el8_0
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.7.0-1.el8_0
  • C
Buffer Overflow

<0:60.7.0-1.el8_0
  • C
Inclusion of Functionality from Untrusted Control Sphere

<0:60.7.0-1.el8_0
  • C
Use After Free

<0:60.7.0-1.el8_0
  • C
Out-of-bounds Read

<0:60.7.0-1.el8_0
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.7.0-1.el8_0
  • C
Information Exposure

<0:60.7.0-1.el8_0
  • C
Out-of-Bounds

<0:60.6.1-1.el8
  • C
Information Exposure

<0:60.6.1-1.el8
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.6.1-1.el8
  • C
Out-of-Bounds

<0:60.6.1-1.el8
  • C
Information Exposure

<0:60.6.1-1.el8
  • C
Use After Free

<0:60.6.1-1.el8
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.6.1-1.el8
  • C
Use After Free

<0:60.6.1-1.el8
  • C
Buffer Overflow

<0:60.6.1-1.el8
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<0:60.6.1-1.el8
  • M
Improperly Implemented Security Check for Standard

*
  • M
Authentication Bypass

*
  • L
Improper Access Control

*
  • M
Files or Directories Accessible to External Parties

*
  • M
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Session Fixation

*
  • L
Untrusted Search Path

*
  • M
Improperly Implemented Security Check for Standard

*
  • L
User Interface (UI) Misrepresentation of Critical Information

*
  • M
Deserialization of Untrusted Data

*
  • M
Out-of-bounds Read

*
  • M
Inclusion of Functionality from Untrusted Control Sphere

*
  • M
Encoding Error

*
  • L
Improper Authorization

*
  • M
Encoding Error

*
  • L
Improper Authorization

*
  • L
Improper Cross-boundary Removal of Sensitive Data

*
  • L
Improperly Implemented Security Check for Standard

*
  • M
Improper Cross-boundary Removal of Sensitive Data

*
  • L
Information Exposure

*
  • M
Improper Neutralization of Special Elements

*
  • M
Unsynchronized Access to Shared Data in a Multithreaded Context

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • L
Authentication Bypass

*
  • L
Improper Input Validation

*
  • M
Improper Input Validation

*
  • L
Product UI does not Warn User of Unsafe Actions

*
  • M
Improper Access Control

*