Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2025-9183
Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR < 140.2.
CVE-2025-9182
Denial-of-service due to out-of-memory in the Graphics: WebRender comp ...
CVE-2025-9182
Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.
CVE-2025-9181
Uninitialized memory in the JavaScript Engine component. This vulnerab ...
CVE-2025-9181
Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
CVE-2025-9180
Same-origin policy bypass in the Graphics: Canvas2D component. This vu ...
CVE-2025-9180
Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
CVE-2025-9179
An attacker was able to perform memory corruption in the GMP process w ...
CVE-2025-9179
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
CVE-2025-8364
A crafted URL using a blob: URI could have hidden the true origin of t ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2025-9183 Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR < 140.2. | CVSS3: 6.5 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9182 Denial-of-service due to out-of-memory in the Graphics: WebRender comp ... | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9182 Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9181 Uninitialized memory in the JavaScript Engine component. This vulnerab ... | CVSS3: 6.5 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9181 Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2. | CVSS3: 6.5 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9180 Same-origin policy bypass in the Graphics: Canvas2D component. This vu ... | CVSS3: 8.1 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9180 Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2. | CVSS3: 8.1 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9179 An attacker was able to perform memory corruption in the GMP process w ... | CVSS3: 9.8 | 0% Низкий | 6 месяцев назад |
| CVE-2025-9179 An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2. | CVSS3: 9.8 | 0% Низкий | 6 месяцев назад |
| CVE-2025-8364 A crafted URL using a blob: URI could have hidden the true origin of t ... | CVSS3: 4.3 | 0% Низкий | 6 месяцев назад |
Уязвимостей на страницу