Sat Apr 19 2025 22:18:16 PDT
  • Bug ID: 1456947, 1475669, 1504816, 1502886, 1500064, 1500310, 1500696, 1499198, 1434490, 1481745, 1458129

11 bugs found.
ID Type Summary Product Comp Assignee Status Resolution Updated
1504816 Buffer source patches from 1475228 may have introduced a use-after-free Core DOM: Core & HTML jcoppeard RESO FIXE 2019-08-07
1500064 IdSet in enumeration code needs to be rooted Core JavaScript: GC jdemooij RESO FIXE 2020-04-06
1458129 Double free in mar_sign.c Toolkit Application Update jewilde RESO FIXE 2019-08-07
1475669 Assertion failure: this->is<T>() with Debugger "promiseDependentPromises" Core JavaScript Engine jorendorff RESO FIXE 2019-08-07
1481745 Intermittent SUMMARY: AddressSanitizer: bad-malloc_usable_size Z:\task_1533162563\build\src\build\build-clang\build-clang\src\llvm\projects\compiler-rt\lib\asan\asan_thread.cc:262 in __asan::AsanThread::ThreadStart Core Web Audio karlt RESO FIXE 2020-02-28
1434490 Write and read beyond bounds in nsPNGEncoder::WriteCallback() Core Graphics: ImageLib tnikkel RESO FIXE 2024-05-30
1500696 AddressSanitizer: heap-use-after-free [@ IsCurrentThread] with READ of size 8 Core Storage: IndexedDB jan.varga RESO FIXE 2020-02-28
1456947 Heap buffer overflow WRITE in ContentParent::RecvGetSystemColors on android Core IPC m_kato RESO FIXE 2019-08-07
1499198 Crash in js::wasm::Instance::callExport Core JavaScript: WebAssem bugzilla VERI FIXE 2025-02-03
1502886 Crash [@ mozilla::UniquePtr<js::wasm::CodeTier, JS::DeletePolicy<js::wasm::CodeTier> >::operator->] or Crash [@ js::gc::detail::GetCellLocation] with OOM, Debugger and use-after-free Core JavaScript: WebAssem bugzilla VERI FIXE 2023-12-06
1500310 AddressSanitizer: heap-use-after-free [@ Length] with READ of size 8 Core Storage: IndexedDB jan.varga VERI FIXE 2020-02-28
11 bugs found.