Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2024-11701
The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133.
CVE-2024-11701
The incorrect domain may have been displayed in the address bar during ...
CVE-2024-11700
Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133.
CVE-2024-11700
Malicious websites may have been able to perform user intent confirmat ...
CVE-2024-11699
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11699
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thun ...
CVE-2024-11698
A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. *This bug only affects the application when running on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11698
A flaw in handling fullscreen transitions may have inadvertently cause ...
CVE-2024-11697
When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11697
When handling keypress events, an attacker may have been able to trick ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2024-11701 The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133 and Thunderbird < 133. | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
| CVE-2024-11701 The incorrect domain may have been displayed in the address bar during ... | CVSS3: 4.3 | 0% Низкий | около 1 года назад |
| CVE-2024-11700 Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133. | CVSS3: 8.1 | 0% Низкий | около 1 года назад |
| CVE-2024-11700 Malicious websites may have been able to perform user intent confirmat ... | CVSS3: 8.1 | 0% Низкий | около 1 года назад |
| CVE-2024-11699 Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
| CVE-2024-11699 Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thun ... | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
| CVE-2024-11698 A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. *This bug only affects the application when running on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. | CVSS3: 9.8 | 0% Низкий | около 1 года назад |
| CVE-2024-11698 A flaw in handling fullscreen transitions may have inadvertently cause ... | CVSS3: 9.8 | 0% Низкий | около 1 года назад |
| CVE-2024-11697 When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
| CVE-2024-11697 When handling keypress events, an attacker may have been able to trick ... | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу