Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
GHSA-p5hw-4fxj-g4x6
A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.
CVE-2024-9403
Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131.
CVE-2024-9403
Memory safety bugs present in Firefox 130. Some of these bugs showed e ...
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thun ...
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ...
CVE-2024-9400
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9400
A potential memory corruption vulnerability could be triggered if an a ...
CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-p5hw-4fxj-g4x6 A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-9403 Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131. | CVSS3: 7.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-9403 Memory safety bugs present in Firefox 130. Some of these bugs showed e ... | CVSS3: 7.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-9402 Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-9402 Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thun ... | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-9401 Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-9401 Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ... | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-9400 A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-9400 A potential memory corruption vulnerability could be triggered if an a ... | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| CVE-2024-9399 A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу