Mozilla Firefox — свободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox

Вендор: mozilla

График релизов

Недавние уязвимости Mozilla Firefox

Количество 15 501

CVE-2023-5496

больше 2 лет назад

A vulnerability was found in Translator PoqDev Add-On 1.0.11 on Firefox. It has been rated as problematic. This issue affects some unknown processing of the component Select Text Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-241649 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS3: 3.1

EPSS: Низкий

BDU:2023-06938

больше 2 лет назад

Уязвимость реализации стандартов PKCS#1 v1.5, OAEP и RSASVP набора библиотек NSS (Network Security Services), позволяющая нарушителю реализовать атаку Блейхенбахера (Bleichenbacher) или атаку Марвина (Marvin)

CVSS3: 6.5

EPSS: Низкий

SUSE-SU-2023:3950-1

больше 2 лет назад

Security update for MozillaFirefox

EPSS: Низкий

SUSE-SU-2023:3949-1

больше 2 лет назад

Security update for MozillaFirefox

EPSS: Низкий

SUSE-SU-2023:3948-1

больше 2 лет назад

Security update for libvpx

EPSS: Низкий

SUSE-SU-2023:3946-1

больше 2 лет назад

Security update for libvpx

EPSS: Низкий

SUSE-SU-2023:3941-1

больше 2 лет назад

Security update for MozillaFirefox

EPSS: Низкий

SUSE-SU-2023:3940-1

больше 2 лет назад

Security update for libvpx

EPSS: Низкий

openSUSE-SU-2023:0278-1

больше 2 лет назад

Security update for seamonkey

EPSS: Критический

GHSA-qqvq-6xgj-jw8g

больше 2 лет назад

Electron affected by libvpx's heap buffer overflow in vp8 encoding

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2023-5496 A vulnerability was found in Translator PoqDev Add-On 1.0.11 on Firefox. It has been rated as problematic. This issue affects some unknown processing of the component Select Text Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-241649 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	CVSS3: 3.1	0% Низкий	больше 2 лет назад
BDU:2023-06938 Уязвимость реализации стандартов PKCS#1 v1.5, OAEP и RSASVP набора библиотек NSS (Network Security Services), позволяющая нарушителю реализовать атаку Блейхенбахера (Bleichenbacher) или атаку Марвина (Marvin)	CVSS3: 6.5	0% Низкий	больше 2 лет назад
SUSE-SU-2023:3950-1 Security update for MozillaFirefox		4% Низкий	больше 2 лет назад
SUSE-SU-2023:3949-1 Security update for MozillaFirefox		4% Низкий	больше 2 лет назад
SUSE-SU-2023:3948-1 Security update for libvpx		4% Низкий	больше 2 лет назад
SUSE-SU-2023:3946-1 Security update for libvpx		4% Низкий	больше 2 лет назад
SUSE-SU-2023:3941-1 Security update for MozillaFirefox		4% Низкий	больше 2 лет назад
SUSE-SU-2023:3940-1 Security update for libvpx		4% Низкий	больше 2 лет назад
openSUSE-SU-2023:0278-1 Security update for seamonkey		94% Критический	больше 2 лет назад
GHSA-qqvq-6xgj-jw8g Electron affected by libvpx's heap buffer overflow in vp8 encoding	CVSS3: 8.8	4% Низкий	больше 2 лет назад

Уязвимостей на страницу