Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
BDU:2025-16336
Уязвимость компонента Downloads (Загрузки) браузера Firefox операционных систем iOS, позволяющая нарушителю проводить спуфинг-атаки
GHSA-g2fh-3663-3jf8
Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
GHSA-pq76-9m6x-m6mx
Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6.
GHSA-24pp-jv4q-cp8j
Privilege escalation in the DOM: Notifications component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6.
GHSA-wqgj-c38v-hpmm
Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146.
GHSA-w8g6-3pw6-4hxr
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6.
GHSA-vxvx-cxrx-x52j
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
GHSA-4mm6-6c2q-x3fp
Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
GHSA-364v-7wgj-4r69
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
GHSA-2628-4jvp-96vc
Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | BDU:2025-16336 Уязвимость компонента Downloads (Загрузки) браузера Firefox операционных систем iOS, позволяющая нарушителю проводить спуфинг-атаки | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-g2fh-3663-3jf8 Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 9.8 | 0% Низкий | около 2 месяцев назад |
| GHSA-pq76-9m6x-m6mx Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-24pp-jv4q-cp8j Privilege escalation in the DOM: Notifications component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6. | CVSS3: 8.8 | 0% Низкий | около 2 месяцев назад |
| GHSA-wqgj-c38v-hpmm Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146. | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-w8g6-3pw6-4hxr Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6. | CVSS3: 8 | 0% Низкий | около 2 месяцев назад |
| GHSA-vxvx-cxrx-x52j Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 8.8 | 0% Низкий | около 2 месяцев назад |
| GHSA-4mm6-6c2q-x3fp Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 8.1 | 0% Низкий | около 2 месяцев назад |
| GHSA-364v-7wgj-4r69 JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 7.3 | 0% Низкий | около 2 месяцев назад |
| GHSA-2628-4jvp-96vc Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146. | CVSS3: 9.8 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу