Wed Jun 19 2024 13:41:10 PDT
  • Keywords: sec-audit
  • Resolution: ---

33 bugs found.
| ID | Summary | Product | Comp | Assignee | Status | Resolution | Updated |
|---|---|---|---|---|---|---|---|
| 1488738 | Outdated and Minified JavaScript | Firefox | Normandy Client | nobody | UNCO | --- | 2024-03-08 |
| 1406996 | stylo: Investigate crash reports around Rust HashMaps | Core | CSS Parsing and Comp | nobody | NEW | --- | 2023-04-02 |
| 1445198 | Review panel usage spoofing in Firefox | Firefox | Security | nobody | NEW | --- | 2022-10-11 |
| 552308 | Possible integer overflows in WOFF | Core | Layout: Text and Fon | nobody | NEW | --- | 2022-10-10 |
| 793437 | NS_ProxyRelease is security hazard | Core | XPCOM | nobody | NEW | --- | 2022-10-10 |
| 1274144 | "ASSERTION: element already removed from map" with dir=auto | Core | DOM: Core & HTML | nobody | NEW | --- | 2022-10-11 |
| 1279994 | reject UniquePtr<T> when we want to delete T specially | Developer Infrastruc | Source Code Analysis | nobody | NEW | --- | 2022-10-11 |
| 1463873 | Systematically set CLOEXEC to prevent leaking file descriptors to fork+exec child processes | Core | General | nobody | NEW | --- | 2023-02-26 |
| 1730797 | Using capped, unpartitioned thread-pools for cross-site and / or cross-profile communication | Core | Privacy: Anti-Tracki | nobody | NEW | --- | 2024-05-30 |
| 1895915 | Audit cargo audit output | Firefox Build System | General | nobody | NEW | --- | 2024-05-21 |
| 1685446 | gl.cc not built with ASan | Core | Graphics: WebRender | nobody | NEW | --- | 2024-04-01 |
| 652818 | Science says we should do a security audit of nsContentUtils.cpp | Core | DOM: Core & HTML | nobody | NEW | --- | 2022-10-10 |
| 811529 | Use safe memory cleanup to avoid removal of memset by VC++2010 /O2 | NSS | Libraries | nobody | NEW | --- | 2023-11-06 |
| 834540 | Do more validation of zip file names | Core | Networking: JAR | nobody | NEW | --- | 2022-10-10 |
| 1325617 | SecMap - Identify steps for reproducibility | mozilla.org | Security Assurance | catlee | NEW | --- | 2024-06-09 |
| 1860860 | [meta] Audit ContentParent IPC code with no coverage | Core | DOM: Content Process | continuation | NEW | --- | 2023-12-01 |
| 194449 | POP Security Review Action Items | MailNews Core | Networking: POP | nobody | NEW | --- | 2022-11-15 |
| 330070 | Investigate mail URLs for abusable actions | MailNews Core | Networking | nobody | NEW | --- | 2022-10-10 |
| 622012 | News uris allow you to execute arbitrary commands on server | MailNews Core | Networking: NNTP | nobody | NEW | --- | 2022-10-10 |
| 919486 | [tracking] Report signed integer overflows within our codebase | mozilla.org | Security Assurance: | nobody | NEW | --- | 2014-08-22 |
| 926593 | "ASSERTION: Redraw with no canvas element or docshell!" with drawWindow, cycle collection | Core | Graphics | nobody | NEW | --- | 2022-10-11 |
| 984012 | Consider removing the security.turn_off_all_security_so_that_viruses_can_take_over_this_computer pref | Core | XPConnect | nobody | NEW | --- | 2023-06-19 |
| 1017646 | Somehow ensure that the assumption that nsTArray makes about its template argument (that it is memmovable) is correct | Core | XPCOM | nobody | NEW | --- | 2022-10-11 |
| 1324378 | Add static analysis to check that var is not used after Send__delete__(var) | Developer Infrastruc | Source Code Analysis | nobody | NEW | --- | 2022-10-11 |
| 1745121 | Malicious third-party CSS can allow text content to be exfiltrated (with e.g. custom web-fonts) | Core | Layout: Text and Fon | nobody | NEW | --- | 2022-03-27 |
| 1841706 | StaticRefPtr<> can cause UAFs if used with concurrent threads | Core | XPCOM | nobody | NEW | --- | 2024-06-11 |
| 1878926 | Evaluate expat CVE-2023-52425, CVE-2023-52426, & CVE-2024-28757 fixes | Core | XML | nobody | NEW | --- | 2024-06-02 |
| 858721 | UXSS using carefully timed history navigations | Core | DOM: Navigation | smaug | NEW | --- | 2022-10-10 |
| 1177759 | Fuzzing parts of NSS | mozilla.org | Security Assurance: | twsmith | NEW | --- | 2023-12-11 |
| 1544232 | Possible vulnerabilities in allowing unbounded system resource usage for installed service workers | Core | DOM: Service Workers | bugmail | ASSI | --- | Thu 21:34 |
| 1651987 | [meta] Audit and convert incorrect uses of nsContentPolicyType::TYPE_OTHER | Core | DOM: Security | fbraun | ASSI | --- | 2022-04-11 |
| 1207753 | [meta] Add static thread-safety lock/mutex analysis based on clang GUARDED_BY() | Core | XPCOM | rjesup | ASSI | --- | 2024-05-02 |
| 1267539 | Strange error message in error console: Couldn't decrypt string. | Thunderbird | Security | nobody | REOP | --- | 2022-10-11 |