Canonical Unity Firefox Extension
By the Year
In 2024 there have been 0 vulnerabilities in Canonical Unity Firefox Extension . Unity Firefox Extension did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 5.40 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Unity Firefox Extension vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Canonical Unity Firefox Extension Security Vulnerabilities
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash
CVE-2013-1054
6.5 - Medium
- April 07, 2021
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus disabling the extension entirely.
Improper Resource Shutdown or Release
The unity-firefox-extension package could be tricked into dropping a C callback
CVE-2013-1055
4.3 - Medium
- April 07, 2021
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was hit. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 of unity-firefox-extension and in all versions of libunity-webapps by shipping an empty unity-firefox-extension package, thus disabling the extension entirely and invalidating the attack against the libunity-webapps package.
Improper Resource Shutdown or Release
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Canonical? Click the Watch button to subscribe.
