Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 599
GHSA-64mp-f6ff-c8jm
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.
GHSA-p5g7-573c-m74m
Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.
CVE-2025-49710
An integer overflow was present in `OrderedHashTable` used by the Java ...
CVE-2025-49710
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.
CVE-2025-49709
Certain canvas operations could have lead to memory corruption. This v ...
CVE-2025-49709
Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.
CVE-2025-49710
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.
CVE-2025-49709
Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.
GHSA-h36q-jch3-f9mw
Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139.
GHSA-fjj5-r59g-88g7
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, and Firefox ESR < 128.11.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-64mp-f6ff-c8jm An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4. | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
| GHSA-p5g7-573c-m74m Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4. | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
| CVE-2025-49710 An integer overflow was present in `OrderedHashTable` used by the Java ... | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
 | CVE-2025-49710 An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4. | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
| CVE-2025-49709 Certain canvas operations could have lead to memory corruption. This v ... | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
| CVE-2025-49709 Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4. | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
 | CVE-2025-49710 An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4. | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
| CVE-2025-49709 Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4. | CVSS3: 9.8 | 0% Низкий | 7 дней назад |
| GHSA-h36q-jch3-f9mw Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139. | CVSS3: 7.3 | 0% Низкий | 22 дня назад |
| GHSA-fjj5-r59g-88g7 Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, and Firefox ESR < 128.11. | CVSS3: 4.8 | 0% Низкий | 22 дня назад |
Уязвимостей на страницу