COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Firefox and Thunderbird product

6
failure events
0
zero-days
1
RCEs
6
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 6 events

DateEventSevFlagsShameSummary
2022-05-23 CVE-2019-11708 high ⚡RCE ⌖KEV 65 Mozilla Firefox and Thunderbird contain a sandbox escape vulnerability that could result in remote code execution.
2022-05-23 CVE-2019-11707 high ⌖KEV 50 Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.
2022-03-28 CVE-2013-1690 high ⌖KEV 50 Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial-of-service (DoS) or possibly execute malicious code via a crafted web site.
2021-11-03 CVE-2020-6819 high ⌖KEV 50 Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.
2021-11-03 CVE-2020-6820 high ⌖KEV 50 Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts.
2021-11-03 CVE-2019-17026 high ⌖KEV 50 Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.