Sat Apr 19 2025 18:50:41 PDT
  • Bug ID: 1494752, 1498765, 1503326, 1505181, 1500759, 1504365, 1506640, 1503082, 1502013, 1510471

10 bugs found.
ID Type Summary Product Comp Assignee Status Resolution Updated
1500759 AddressSanitizer: use-after-poison [@ getClass] with READ of size 8 through mozilla::dom::WebCryptoTask Core DOM: Security jcoppeard RESO FIXE 2024-05-30
1506640 Assertion failure: found() running jit-test basic/bug908915.js with GC zeal Core JavaScript Engine jcoppeard RESO FIXE 2019-08-07
1502013 js::jit::RemoveUnmarkedBlocks does not mark operands of removed chunks. Core JavaScript Engine: J nicolas.b.pierron RESO FIXE 2019-08-07
1498765 Potential use-after-free if ContentParent is destroyed with channel open after KillHard Core DOM: Content Process jld RESO FIXE 2019-08-07
1503082 Intermittent SUMMARY: AddressSanitizer: heap-use-after-free /builds/worker/workspace/build/src/gfx/gl/../../mfbt/RefPtr.h:69:17 in assign_assuming_AddRef Core Graphics: Canvas2D continuation RESO FIXE 2020-02-28
1504365 Potential shutdown UAF in various shutdown observers Core General continuation RESO FIXE 2019-08-07
1505181 Crash [@ js::jit::IonSetPropertyIC::update] or Crash [@ ??] or Crash [@ JSObject::getClass] with invalid address and TypedArray Core JavaScript Engine jdemooij RESO FIXE 2019-08-07
1503326 Crash [@ ??] with asm.js and SIGTRAP Core JavaScript Engine bugzilla VERI FIXE 2023-12-06
1494752 Crash [@ js::CheckTracedThing<JSString>] with OOM and invalid read Core JavaScript Engine jwalden VERI FIXE 2023-12-06
1510471 use-after-poison in [@ nsComboboxControlFrame::HandleRedisplayTextEvent] Core Layout smaug VERI FIXE 2020-02-16
10 bugs found.

File a new bug in the "Core" product