Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2024-3854
In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
CVE-2024-3854
In some code patterns the JIT incorrectly optimized switch statements ...
CVE-2024-3853
A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125.
CVE-2024-3853
A use-after-free could result if a JavaScript realm was in the process ...
CVE-2024-3852
GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
CVE-2024-3852
GetBoundName could return the wrong version of an object when JIT opti ...
CVE-2024-3302
There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
CVE-2024-3302
There was no limit to the number of HTTP/2 CONTINUATION frames that wo ...
CVE-2024-3854
In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2024-3854 In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | CVSS3: 8.8 | 1% Низкий | почти 2 года назад |
| CVE-2024-3854 In some code patterns the JIT incorrectly optimized switch statements ... | CVSS3: 8.8 | 1% Низкий | почти 2 года назад |
| CVE-2024-3853 A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| CVE-2024-3853 A use-after-free could result if a JavaScript realm was in the process ... | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| CVE-2024-3852 GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
| CVE-2024-3852 GetBoundName could return the wrong version of an object when JIT opti ... | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
| CVE-2024-3302 There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | CVSS3: 3.7 | 0% Низкий | почти 2 года назад |
| CVE-2024-3302 There was no limit to the number of HTTP/2 CONTINUATION frames that wo ... | CVSS3: 3.7 | 0% Низкий | почти 2 года назад |
 | CVE-2024-3854 In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | CVSS3: 8.8 | 1% Низкий | почти 2 года назад |
| CVE-2024-3860 An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125. | CVSS3: 6.2 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу