Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 151
GHSA-vpgc-chc4-fq2j
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
GHSA-3qpq-hc75-5535
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
GHSA-667m-43f5-gwwr
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9403
Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131.
CVE-2024-9403
Memory safety bugs present in Firefox 130. Some of these bugs showed e ...
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thun ...
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ...
CVE-2024-9400
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-vpgc-chc4-fq2j A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 6.1 | 0% Низкий | около 1 года назад |
| GHSA-3qpq-hc75-5535 By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 5.3 | 1% Низкий | около 1 года назад |
| GHSA-667m-43f5-gwwr It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
 | CVE-2024-9403 Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131. | CVSS3: 7.3 | 0% Низкий | около 1 года назад |
| CVE-2024-9403 Memory safety bugs present in Firefox 130. Some of these bugs showed e ... | CVSS3: 7.3 | 0% Низкий | около 1 года назад |
| CVE-2024-9402 Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 9.8 | 0% Низкий | около 1 года назад |
| CVE-2024-9402 Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thun ... | CVSS3: 9.8 | 0% Низкий | около 1 года назад |
| CVE-2024-9401 Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 9.8 | 0% Низкий | около 1 года назад |
| CVE-2024-9401 Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ... | CVSS3: 9.8 | 0% Низкий | около 1 года назад |
| CVE-2024-9400 A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу