FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-04-03 16:16:28 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1a67144d-0d86-11f0-8542-b42e991fc52emozilla -- multiple vulnerabilities

security@mozilla.org reports:

An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed (distinct from CVE-2025-0245). This vulnerability affects Firefox < 136.

When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox < 136 and Thunderbird < 136.

Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page This vulnerability affects Firefox for iOS < 136.


Discovery 2025-03-04
Entry 2025-03-30
firefox
< 136.0,2

firefox-esr
< 128.8,1

thunderbird
< 136.0

thunderbird
< 128.8

librewolf
< 136.0

CVE-2025-1932
https://nvd.nist.gov/vuln/detail/CVE-2025-1932
CVE-2025-1941
https://nvd.nist.gov/vuln/detail/CVE-2025-1941
CVE-2025-1942
https://nvd.nist.gov/vuln/detail/CVE-2025-1942
CVE-2025-27424
https://nvd.nist.gov/vuln/detail/CVE-2025-27424
1a67144d-0d86-11f0-8542-b42e991fc52emozilla -- multiple vulnerabilities

security@mozilla.org reports:

An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.

Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed (distinct from CVE-2025-0245). This vulnerability affects Firefox < 136.

When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox < 136 and Thunderbird < 136.

Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page This vulnerability affects Firefox for iOS < 136.


Discovery 2025-03-04
Entry 2025-03-30
firefox
< 136.0,2

firefox-esr
< 128.8,1

thunderbird
< 136.0

thunderbird
< 128.8

librewolf
< 136.0

CVE-2025-1932
https://nvd.nist.gov/vuln/detail/CVE-2025-1932
CVE-2025-1941
https://nvd.nist.gov/vuln/detail/CVE-2025-1941
CVE-2025-1942
https://nvd.nist.gov/vuln/detail/CVE-2025-1942
CVE-2025-27424
https://nvd.nist.gov/vuln/detail/CVE-2025-27424