VYPR

rpm package

opensuse/mozjs78&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/mozjs78&distro=openSUSE%20Tumbleweed

Vulnerabilities (5)

  • CVE-2024-50602Oct 27, 2024
    affected < 78.15.0-7.1fixed 78.15.0-7.1

    An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

  • CVE-2024-45492CriAug 30, 2024
    affected < 78.15.0-5.1fixed 78.15.0-5.1

    An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

  • CVE-2024-45491CriAug 30, 2024
    affected < 78.15.0-5.1fixed 78.15.0-5.1

    An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

  • CVE-2024-45490HigAug 30, 2024
    affected < 78.15.0-5.1fixed 78.15.0-5.1

    An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.

  • CVE-2021-29984Aug 17, 2021
    affected < 78.13.0-1.2fixed 78.13.0-1.2

    Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Fi