Логотип exploitDog
product: "firefox"
Консоль
Логотип exploitDog

exploitDog

product: "firefox"
Mozilla Firefox

Mozilla Firefoxсвободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox
Вендор: mozilla

График релизов

11511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614720232024202520262027

Недавние уязвимости Mozilla Firefox

Количество 15 501

github логотип

GHSA-3qmg-867g-8xrq

больше 2 лет назад

During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 7.5
EPSS: Низкий
github логотип

GHSA-65rf-w3qg-h7vh

больше 2 лет назад

Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.

CVSS3: 9.8
EPSS: Низкий
github логотип

GHSA-3cw5-74j7-6q4r

больше 2 лет назад

Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-cxxg-52f9-f5mj

больше 2 лет назад

A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 4.3
EPSS: Низкий
github логотип

GHSA-cw53-7m4g-22j6

больше 2 лет назад

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 4.3
EPSS: Низкий
github логотип

GHSA-p85h-gwrr-6mrj

больше 2 лет назад

An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-hhqg-994q-93m3

больше 2 лет назад

Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 7.5
EPSS: Низкий
github логотип

GHSA-hwgx-3qq3-2885

больше 2 лет назад

Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 9.8
EPSS: Низкий
github логотип

GHSA-5c37-6j7c-hr7x

больше 2 лет назад

The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-fpp8-6gxj-v3pg

больше 2 лет назад

When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119.

CVSS3: 6.1
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
github логотип
GHSA-3qmg-867g-8xrq

During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 7.5
1%
Низкий
больше 2 лет назад
github логотип
GHSA-65rf-w3qg-h7vh

Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.

CVSS3: 9.8
0%
Низкий
больше 2 лет назад
github логотип
GHSA-3cw5-74j7-6q4r

Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.

CVSS3: 5.3
0%
Низкий
больше 2 лет назад
github логотип
GHSA-cxxg-52f9-f5mj

A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 4.3
0%
Низкий
больше 2 лет назад
github логотип
GHSA-cw53-7m4g-22j6

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 4.3
0%
Низкий
больше 2 лет назад
github логотип
GHSA-p85h-gwrr-6mrj

An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 6.5
0%
Низкий
больше 2 лет назад
github логотип
GHSA-hhqg-994q-93m3

Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 7.5
1%
Низкий
больше 2 лет назад
github логотип
GHSA-hwgx-3qq3-2885

Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 9.8
0%
Низкий
больше 2 лет назад
github логотип
GHSA-5c37-6j7c-hr7x

The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

CVSS3: 6.5
0%
Низкий
больше 2 лет назад
github логотип
GHSA-fpp8-6gxj-v3pg

When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119.

CVSS3: 6.1
0%
Низкий
больше 2 лет назад

Уязвимостей на страницу


Поделиться