Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (7)
| Vulnerability |
Summary |
Aliases |
|
VCID-6fvj-phnx-kfgs
|
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.
|
CVE-2019-17023
|
|
VCID-7hkk-2k6p-vyc7
|
Multiple vulnerabilities have been found in Mozilla Firefox, the
worst of which may allow execution of arbitrary code.
|
CVE-2019-17024
|
|
VCID-9v4g-hwwe-3ybg
|
Mozilla developers Karl Tomlinson, Jason Kratzer, Tyson Smith, Jon Coppeard, and Christian Holler reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
CVE-2019-17025
|
|
VCID-ap8s-63rs-jyff
|
If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document.
|
CVE-2019-17020
|
|
VCID-c4qs-a9kw-p3hc
|
Multiple vulnerabilities have been found in Mozilla Firefox, the
worst of which may allow execution of arbitrary code.
|
CVE-2019-17017
|
|
VCID-javq-3r82-73fq
|
Multiple vulnerabilities have been found in Mozilla Firefox, the
worst of which may allow execution of arbitrary code.
|
CVE-2019-17022
|
|
VCID-x12h-hqf2-37cc
|
Multiple vulnerabilities have been found in Mozilla Firefox, the
worst of which may allow execution of arbitrary code.
|
CVE-2019-17016
|