Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
BDU:2025-16336
Уязвимость компонента Downloads (Загрузки) браузера Firefox операционных систем iOS, позволяющая нарушителю проводить спуфинг-атаки
GHSA-2628-4jvp-96vc
Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146.
GHSA-r52p-x88m-mm4j
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
GHSA-4mm6-6c2q-x3fp
Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
GHSA-2ghp-fh92-8w9r
Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146.
GHSA-wqgj-c38v-hpmm
Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146.
GHSA-7873-9g8c-6fm2
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
GHSA-c45v-h9vf-q66x
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6.
GHSA-pq76-9m6x-m6mx
Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6.
GHSA-364v-7wgj-4r69
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | BDU:2025-16336 Уязвимость компонента Downloads (Загрузки) браузера Firefox операционных систем iOS, позволяющая нарушителю проводить спуфинг-атаки | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-2628-4jvp-96vc Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146. | CVSS3: 9.8 | 0% Низкий | 2 месяца назад |
| GHSA-r52p-x88m-mm4j JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 9.8 | 0% Низкий | 2 месяца назад |
| GHSA-4mm6-6c2q-x3fp Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 8.1 | 0% Низкий | 2 месяца назад |
| GHSA-2ghp-fh92-8w9r Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146. | CVSS3: 7.3 | 0% Низкий | 2 месяца назад |
| GHSA-wqgj-c38v-hpmm Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146. | CVSS3: 7.5 | 0% Низкий | 2 месяца назад |
| GHSA-7873-9g8c-6fm2 Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 8.8 | 0% Низкий | 2 месяца назад |
| GHSA-c45v-h9vf-q66x JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6. | CVSS3: 9.8 | 0% Низкий | 2 месяца назад |
| GHSA-pq76-9m6x-m6mx Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6. | CVSS3: 6.5 | 0% Низкий | 2 месяца назад |
| GHSA-364v-7wgj-4r69 JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. | CVSS3: 7.3 | 0% Низкий | 2 месяца назад |
Уязвимостей на страницу