Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 603
CVE-2024-10467
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thun ...
CVE-2024-10466
By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVE-2024-10466
By sending a specially crafted push message, a remote server could hav ...
CVE-2024-10465
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVE-2024-10465
A clipboard "paste" button could persist across tabs which allowed a s ...
CVE-2024-10464
Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVE-2024-10464
Repeated writes to history interface attributes could have been used t ...
CVE-2024-10463
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
CVE-2024-10463
Video frames could have been leaked between origins in some situations ...
CVE-2024-10462
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2024-10467 Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thun ... | CVSS3: 8.8 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-10466 By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10466 By sending a specially crafted push message, a remote server could hav ... | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10465 A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10465 A clipboard "paste" button could persist across tabs which allowed a s ... | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10464 Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. | CVSS3: 6.5 | 1% Низкий | 8 месяцев назад |
| CVE-2024-10464 Repeated writes to history interface attributes could have been used t ... | CVSS3: 6.5 | 1% Низкий | 8 месяцев назад |
| CVE-2024-10463 Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10463 Video frames could have been leaked between origins in some situations ... | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10462 Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. | CVSS3: 6.5 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу