Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 220
SUSE-RU-2024:2684-1
Recommended update for mozilla-nss
SUSE-SU-2024:2600-1
Security update for mozilla-nss
SUSE-RU-2024:2564-1
Recommended update for mozilla-nss
GHSA-x2q3-f99c-25ff
Memory safety bugs present in Firefox 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128.
GHSA-3wq7-w8r7-pmvh
Clipboard code failed to check the index on an array access. This could have lead to an out-of-bounds read. This vulnerability affects Firefox < 128.
GHSA-vr96-9xq4-q4jp
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128.
GHSA-gq55-cjrv-p49j
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128.
GHSA-fj5c-r5jw-5wp8
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128.
GHSA-h7q8-vff8-p3j8
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128.
GHSA-v6r5-wp7h-cj77
A mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | SUSE-RU-2024:2684-1 Recommended update for mozilla-nss | 1% Низкий | больше 1 года назад | |
| SUSE-SU-2024:2600-1 Security update for mozilla-nss | 1% Низкий | больше 1 года назад | |
| SUSE-RU-2024:2564-1 Recommended update for mozilla-nss | 1% Низкий | больше 1 года назад | |
| GHSA-x2q3-f99c-25ff Memory safety bugs present in Firefox 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| GHSA-3wq7-w8r7-pmvh Clipboard code failed to check the index on an array access. This could have lead to an out-of-bounds read. This vulnerability affects Firefox < 128. | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
| GHSA-vr96-9xq4-q4jp It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-gq55-cjrv-p49j It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| GHSA-fj5c-r5jw-5wp8 The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128. | CVSS3: 5.5 | 0% Низкий | больше 1 года назад |
| GHSA-h7q8-vff8-p3j8 The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-v6r5-wp7h-cj77 A mismatch between allocator and deallocator could have lead to memory corruption. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13. | CVSS3: 9.8 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу