Mozilla Firefox — свободный браузер на движке Gecko

When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.

Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113.

Mozilla developers and community members Ronald Crane, Andrew McCreigh ...

Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service. *Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.

Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged ...

Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a higher privileged principal than intended. This vulnerability affects Firefox < 113.

Documents were incorrectly assuming an ordering of principal objects w ...

A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox < 113.

A maliciously crafted favicon could have led to an out of memory crash ...

Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox < 113.