5.3
CVE-2024-3862 -
The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox < 125.
6.2
CVE-2024-3860 -
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.
7.5
CVE-2024-3858 -
It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125.
8.8
CVE-2024-3856 -
A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.
6.5
CVE-2024-3855 -
In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.
7.5
CVE-2024-3853 -
A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125.
9.1
CVE-2024-32022 - Kohya_ss is vulnerable to a command injection in basic_caption_gui.py (GHSL-2024-019)
Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable to command injection in basic_caption_gui.py. This vulnerability is fixed in 23.1.5.
9.1
CVE-2024-32027 - Kohya_ss is vulnerable to a command injection in `finetune_gui.py` (`GHSL-2024-022`)
Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss v22.6.1 is vulnerable to command injection in `finetune_gui.py` This vulnerability is fixed in 23.1.5.
9.1
CVE-2024-32026 - Kohya_ss is vulnerable to a command injection in `git_caption_gui.py` (`GHSL-2024-020`)
Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable to a command injection in `git_caption_gui.py`. This vulnerability is fixed in 23.1.5.
9.1
CVE-2024-32025 - Kohya_ss is vulnerable to a command injection in `group_images_gui.py` (`GHSL-2024-021`)
Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable to a command injection in `group_images_gui.py`. This vulnerability is fixed in 23.1.5.