Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 220
CVE-2024-4774
The `ShmemCharMapHashEntry()` code was susceptible to potentially unde ...
CVE-2024-4773
When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126.
CVE-2024-4773
When a network error occurred during page load, the prior content coul ...
CVE-2024-4772
An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.
CVE-2024-4772
An HTTP digest authentication nonce value was generated using `rand()` ...
CVE-2024-4771
A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126.
CVE-2024-4771
A memory allocation check was missing which would lead to a use-after- ...
CVE-2024-4770
When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
CVE-2024-4770
When saving a page to PDF, certain font styles could have led to a pot ...
CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2024-4774 The `ShmemCharMapHashEntry()` code was susceptible to potentially unde ... | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-4773 When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-4773 When a network error occurred during page load, the prior content coul ... | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-4772 An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126. | CVSS3: 5.9 | 0% Низкий | больше 1 года назад |
| CVE-2024-4772 An HTTP digest authentication nonce value was generated using `rand()` ... | CVSS3: 5.9 | 0% Низкий | больше 1 года назад |
| CVE-2024-4771 A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126. | CVSS3: 8.6 | 1% Низкий | больше 1 года назад |
| CVE-2024-4771 A memory allocation check was missing which would lead to a use-after- ... | CVSS3: 8.6 | 1% Низкий | больше 1 года назад |
| CVE-2024-4770 When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | CVSS3: 8.8 | 1% Низкий | больше 1 года назад |
| CVE-2024-4770 When saving a page to PDF, certain font styles could have led to a pot ... | CVSS3: 8.8 | 1% Низкий | больше 1 года назад |
| CVE-2024-4769 When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | CVSS3: 5.9 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу