Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 679
CVE-2024-8900
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
CVE-2024-8900
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
GHSA-hj65-9wfc-jmf4
Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1.
CVE-2024-8897
Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1.
CVE-2024-8897
Under certain conditions, an attacker with the ability to redirect use ...
BDU:2025-02735
Уязвимость браузера Mozilla Firefox операционных систем Android, связанная с использованием открытой переадресации, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
GHSA-crg5-c758-hm56
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
CVE-2024-7652
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
CVE-2024-7652
An error in the ECMA-262 specification relating to Async Generators co ...
CVE-2024-7652
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2024-8900 An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. | CVSS3: 7.5 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-8900 An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. | CVSS3: 7.5 | 0% Низкий | 10 месяцев назад |
| GHSA-hj65-9wfc-jmf4 Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1. | CVSS3: 6.1 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-8897 Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1. | CVSS3: 6.1 | 0% Низкий | 10 месяцев назад |
| CVE-2024-8897 Under certain conditions, an attacker with the ability to redirect use ... | CVSS3: 6.1 | 0% Низкий | 10 месяцев назад |
 | BDU:2025-02735 Уязвимость браузера Mozilla Firefox операционных систем Android, связанная с использованием открытой переадресации, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес | CVSS3: 6.1 | 0% Низкий | 10 месяцев назад |
| GHSA-crg5-c758-hm56 An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. | CVSS3: 7.5 | 1% Низкий | 10 месяцев назад |
| CVE-2024-7652 An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. | CVSS3: 7.5 | 1% Низкий | 10 месяцев назад |
| CVE-2024-7652 An error in the ECMA-262 specification relating to Async Generators co ... | CVSS3: 7.5 | 1% Низкий | 10 месяцев назад |
| CVE-2024-7652 An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. | CVSS3: 8.6 | 1% Низкий | 10 месяцев назад |
Уязвимостей на страницу