Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 599
CVE-2025-5020
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139.
BDU:2025-06031
Уязвимость браузера Firefox для iOS, существующая из-за некорректной работы обработчиков ms-cxh и ms-cxh-ful, позволяющая нарушителю, оказать воздействие на целостность защищаемой информации
GHSA-fhgm-mxgh-gfpj
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox ESR < 115.23.1.
GHSA-f333-vhwv-jvmx
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox ESR < 115.23.1.
CVE-2025-4919
An attacker was able to perform an out-of-bounds read or write on a Ja ...
CVE-2025-4919
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
CVE-2025-4918
An attacker was able to perform an out-of-bounds read or write on a Ja ...
CVE-2025-4918
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
CVE-2025-4918
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
CVE-2025-4919
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2025-5020 Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139. | CVSS3: 4.3 | 0% Низкий | 29 дней назад |
 | BDU:2025-06031 Уязвимость браузера Firefox для iOS, существующая из-за некорректной работы обработчиков ms-cxh и ms-cxh-ful, позволяющая нарушителю, оказать воздействие на целостность защищаемой информации | CVSS3: 4.3 | 0% Низкий | около 1 месяца назад |
| GHSA-fhgm-mxgh-gfpj An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox ESR < 115.23.1. | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
| GHSA-f333-vhwv-jvmx An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox ESR < 115.23.1. | CVSS3: 8.8 | 0% Низкий | около 1 месяца назад |
| CVE-2025-4919 An attacker was able to perform an out-of-bounds read or write on a Ja ... | CVSS3: 8.8 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-4919 An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | CVSS3: 8.8 | 0% Низкий | около 1 месяца назад |
| CVE-2025-4918 An attacker was able to perform an out-of-bounds read or write on a Ja ... | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
| CVE-2025-4918 An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
| CVE-2025-4918 An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | CVSS3: 7.5 | 0% Низкий | около 1 месяца назад |
| CVE-2025-4919 An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | CVSS3: 8.8 | 0% Низкий | около 1 месяца назад |
Уязвимостей на страницу