Sat Apr 19 2025 18:04:19 PDT
  • Bug ID: 1456189, 1456975, 1465898, 1392739, 1451297, 1464063, 1437842, 1442722, 1452576, 1450688, 1458264, 1458270, 1465108, 1464829, 1464079, 1463494, 1458048

17 bugs found.
| ID | Type | Summary | Product | Component | Assignee | Status | Resolution | Updated |
|---|---|---|---|---|---|---|---|---|
| 1452576 | | Crash [@ get] with StructuredCloneHolder ending up in [@ mozilla::dom::ImageBitmap::CreateFromCloneData] although DifferentProcess | Core | DOM: Core & HTML | amarchesini | RESO | FIXE | 2021-10-06 |
| 1458048 | | Likely write beyond bounds in sctp_load_addresses_from_init() | Core | WebRTC: Networking | dminor | RESO | FIXE | 2024-05-30 |
| 1464063 | | [LibFuzzer] SDP: global-buffer-overflow [@sdp_getchoosetok] | Core | WebRTC: Signaling | drno | RESO | FIXE | 2019-08-07 |
| 1450688 | | Crash [@ JS::GetRealmPrivate(JS::Realm*)] | Core | XBL | kmaglione+bmo | RESO | FIXE | 2019-08-07 |
| 1464829 | | Possible OOB read from RInstructionResults. | Core | JavaScript Engine: J | nicolas.b.pierron | RESO | FIXE | 2019-08-07 |
| 1442722 | | Assertion failure: point.canPeek(), at js/src/vm/StructuredClone.cpp:648 or various crashes with invalid free | Core | JavaScript Engine | sphink | RESO | FIXE | 2021-10-06 |
| 1456975 | | Segfault - buffer overflow / arbitrary memory read in IPC due to unvalidated field in nsMozIconURI deserialization | Core | Networking | valentin.gosu | RESO | FIXE | 2021-11-18 |
| 1451297 | | IPC: crash with PImageBridge::Msg_PTextureConstructor [@I422ToARGBRow_Any_AVX2] | Core | Graphics | aosmond | RESO | FIXE | 2019-08-07 |
| 1458264 | | ASan use-after-free in angle::LoadToNative3To4 | Core | Graphics | jgilbert | RESO | FIXE | 2019-08-07 |
| 1392739 | | IPC: wild-addr-read in various messages [@CharAt] | Core | Networking | valentin.gosu | RESO | FIXE | 2021-11-18 |
| 1458270 | | ASan use-after-free in GfxInfo::GetFeatureStatus | Core | Graphics | away | RESO | FIXE | 2019-08-07 |
| 1456189 | | AddressSanitizer: bad-free deserializing JSStructuredCloneData | Core | IPC | alex.gaynor | RESO | FIXE | 2021-11-18 |
| 1464079 | | AddressSanitizer: heap-use-after-free [@ ~lock_block] with READ of size 8 | Core | WebRTC | docfaraday | RESO | FIXE | 2020-02-28 |
| 1465898 | | Heap-buffer-underflow READ 8 from HalParent::RecvEnableSwitchNotifications | Core | Hardware Abstraction | gsvelto | RESO | FIXE | 2021-11-18 |
| 1465108 | | Uplift some compacting GC changes which landed in bug 1457703 | Core | JavaScript: GC | jcoppeard | RESO | FIXE | 2019-08-07 |
| 1463494 | | Crash in nsTArray_Impl<T>::Clear \| GeckoAppShellSupport::OnSensorChanged | Core Graveyard | Widget: Android | rjesup | RESO | FIXE | 2021-11-04 |
| 1437842 | | Crash [@ ??] with GC and TypedArray constructors | Core | JavaScript Engine | mgaudet | VERI | FIXE | 2023-12-06 |