Mozilla Firefox — свободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox

Вендор: mozilla

График релизов

Недавние уязвимости Mozilla Firefox

Количество 15 501

CVE-2024-3859

почти 2 года назад

On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-3859

почти 2 года назад

On 32-bit versions there were integer-overflows that led to an out-of- ...

CVSS3: 5.9

EPSS: Низкий

CVE-2024-3858

почти 2 года назад

It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-3858

почти 2 года назад

It was possible to mutate a JavaScript object so that the JIT could cr ...

CVSS3: 7.5

EPSS: Низкий

CVE-2024-3857

почти 2 года назад

The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

CVSS3: 7.8

EPSS: Низкий

CVE-2024-3857

почти 2 года назад

The JIT created incorrect code for arguments in certain cases. This le ...

CVSS3: 7.8

EPSS: Низкий

CVE-2024-3856

почти 2 года назад

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.

CVSS3: 8.8

EPSS: Низкий

CVE-2024-3856

почти 2 года назад

A use-after-free could occur during WASM execution if garbage collecti ...

CVSS3: 8.8

EPSS: Низкий

CVE-2024-3855

почти 2 года назад

In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.

CVSS3: 6.5

EPSS: Низкий

CVE-2024-3855

почти 2 года назад

In certain cases the JIT incorrectly optimized MSubstr operations, whi ...

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2024-3859 On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.	CVSS3: 5.9	2% Низкий	почти 2 года назад
CVE-2024-3859 On 32-bit versions there were integer-overflows that led to an out-of- ...	CVSS3: 5.9	2% Низкий	почти 2 года назад
CVE-2024-3858 It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125.	CVSS3: 7.5	0% Низкий	почти 2 года назад
CVE-2024-3858 It was possible to mutate a JavaScript object so that the JIT could cr ...	CVSS3: 7.5	0% Низкий	почти 2 года назад
CVE-2024-3857 The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.	CVSS3: 7.8	0% Низкий	почти 2 года назад
CVE-2024-3857 The JIT created incorrect code for arguments in certain cases. This le ...	CVSS3: 7.8	0% Низкий	почти 2 года назад
CVE-2024-3856 A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.	CVSS3: 8.8	1% Низкий	почти 2 года назад
CVE-2024-3856 A use-after-free could occur during WASM execution if garbage collecti ...	CVSS3: 8.8	1% Низкий	почти 2 года назад
CVE-2024-3855 In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.	CVSS3: 6.5	0% Низкий	почти 2 года назад
CVE-2024-3855 In certain cases the JIT incorrectly optimized MSubstr operations, whi ...	CVSS3: 6.5	0% Низкий	почти 2 года назад

Уязвимостей на страницу