Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
BDU:2024-02329
Уязвимость службы регистрации ошибок Windows Error Reporter браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю выполнить произвольный код
BDU:2024-02315
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
RLSA-2024:0786
Moderate: nss security update
SUSE-SU-2024:0597-1
Security update for mozilla-nss
GHSA-37wm-h7xg-q6w9
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.
GHSA-7hw4-x97q-5wx2
Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123.
GHSA-g386-c6xv-h62r
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.
CVE-2024-26283
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.
CVE-2024-26283
An attacker could have executed unauthorized scripts on top origin sit ...
CVE-2024-26282
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | BDU:2024-02329 Уязвимость службы регистрации ошибок Windows Error Reporter браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 0% Низкий | почти 2 года назад |
| BDU:2024-02315 Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код | CVSS3: 7.5 | 1% Низкий | почти 2 года назад |
 | RLSA-2024:0786 Moderate: nss security update | 0% Низкий | почти 2 года назад | |
 | SUSE-SU-2024:0597-1 Security update for mozilla-nss | 0% Низкий | почти 2 года назад | |
| GHSA-37wm-h7xg-q6w9 An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123. | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
| GHSA-7hw4-x97q-5wx2 Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123. | CVSS3: 4.7 | 0% Низкий | почти 2 года назад |
| GHSA-g386-c6xv-h62r Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123. | CVSS3: 7.1 | 0% Низкий | почти 2 года назад |
 | CVE-2024-26283 An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123. | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
| CVE-2024-26283 An attacker could have executed unauthorized scripts on top origin sit ... | CVSS3: 7.8 | 0% Низкий | почти 2 года назад |
| CVE-2024-26282 Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123. | CVSS3: 7.1 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу