Sat Apr 19 2025 07:12:42 PDT
  • Bug ID: 1412420, 1426783, 1422389, 1415598, 1410134, 1408017, 1224396, 1382366, 1415582, 1417797, 1409951, 1414452, 1428589, 1425780, 1399520, 1418854, 1408276, 1412145, 1331209, 1425612

20 bugs found.
ID Type Summary Product Comp Assignee Status Resolution Updated
1417797 UAF in H264 decoder shutdown in VCMDecodedFrameCallback::Decoded() Core WebRTC: Audio/Video dminor RESO FIXE 2021-08-31
1412420 Crash [@ js::TypeSet::GetValueType] with invalid read Core JavaScript Engine jdemooij RESO FIXE 2018-08-28
1425612 StructuredClone crash reading invalid data Core JavaScript Engine jorendorff RESO FIXE 2021-10-06
1426783 AddressSanitizer: heap-buffer-overflow [@ __asan_memcpy] with arbitrary WRITE in JSStructuredCloneReader Core JavaScript Engine jorendorff RESO FIXE 2021-10-06
1408276 races with LIFECYCLE_WAITING_FOR_MAIN_THREAD_CLEANUP and NotifyOutputData() Core Audio/Video: MediaSt karlt RESO FIXE 2018-08-28
1415598 Crash in nsTHashtable<T>::s_ClearEntry | PLDHashTable::RawRemove | mozilla::places::History::RegisterVisitedCallback Toolkit Places mak RESO FIXE 2018-08-28
1425780 AddressSanitizer: heap-use-after-free /builds/worker/workspace/build/src/obj-firefox/dist/include/mtransport/sigslot.h:318:13 in ~lock_block Core WebRTC mfroman RESO FIXE 2020-02-28
1418854 Intermittent SUMMARY: AddressSanitizer: heap-use-after-free /builds/worker/workspace/build/src/netwerk/cache2/CacheFileInputStream.cpp:263:7 in CloseWithStatusLocked Core Networking: Cache michal.novotny RESO FIXE 2020-02-28
1415582 Cleanup WebRTCGMP decoder initialization to match Encoder side Core WebRTC: Audio/Video rjesup RESO FIXE 2018-08-28
1382366 Crash in mozilla::SystemClockDriver::WaitForNextIteration | mozilla::MediaStreamGraphImpl::UpdateMainThreadState Core Audio/Video: MediaSt karlt RESO FIXE 2018-08-28
1410134 use-after-destruction in nsCookieService::RemoveCookiesWithOriginAttributes Core Networking: Cookies tihuang RESO FIXE 2018-08-28
1399520 Intermittent AddressSanitizer: heap-use-after-free modules/libjar/nsJAR.cpp:61:21 in Release Core Networking: JAR xeonchen RESO FIXE 2020-02-28
1412145 Backpointer in CSSOM objects need to be cleared when they are unlinked Core CSS Parsing and Comp xidorn+moz RESO FIXE 2018-08-28
1224396 Overflow in makeSpace causes potential memory-safety bug Core Graphics lsalzman RESO FIXE 2024-05-30
1428589 UAF in nsCookieService (uncovered by the patch for bug 1361815). Core Networking: Cookies emilio RESO FIXE 2019-05-24
1409951 crash and potential UAF in [@ nsPlainTextSerializer::ScanElementForPreformat] Core DOM: Core & HTML hsivonen VERI FIXE 2019-06-03
1422389 AddressSanitizer: negative-size-param near [@ mozilla::MediaEngineDefaultVideoSource::Notify] Core WebRTC: Audio/Video jib VERI FIXE 2020-02-28
1414452 Assertion failure: IsIdle(oldState), at /build/src/xpcom/ds/PLDHashTable.h:132 Core DOM: Core & HTML smaug VERI FIXE 2019-03-13
1331209 Crash in mozilla::ipc::MessageChannel::CxxStackFrame::CxxStackFrame | mozilla::ipc::MessageChannel::Send | mozilla::dom::asmjscache::PAsmJSCacheEntryParent::SendOnOpenMetadataForRead Core JavaScript Engine mail VERI FIXE 2018-08-28
1408017 Crash with failed "@mozilla.org/startupcache/cache;1" instances Core XPCOM continuation VERI FIXE 2018-08-28
20 bugs found.