Количество 11
Количество 11
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
CVE-2016-5284
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunder ...
GHSA-2fqh-hxv3-hqmx
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
BDU:2021-04197
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю подделывать обновления надстроек
SUSE-SU-2016:2513-1
Security update for MozillaFirefox
SUSE-SU-2016:2434-1
Security update for MozillaFirefox
SUSE-SU-2016:2431-1
Security update for MozillaFirefox
ELSA-2016-1912
ELSA-2016-1912: firefox security update (CRITICAL)
openSUSE-SU-2016:2368-1
Security update for MozillaFirefox, mozilla-nss
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-5284 Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority. | CVSS3: 7.4 | 0% Низкий | почти 9 лет назад |
 | CVE-2016-5284 Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority. | CVSS3: 7.4 | 0% Низкий | почти 9 лет назад |
 | CVE-2016-5284 Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority. | CVSS3: 7.4 | 0% Низкий | почти 9 лет назад |
| CVE-2016-5284 Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunder ... | CVSS3: 7.4 | 0% Низкий | почти 9 лет назад |
| GHSA-2fqh-hxv3-hqmx Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority. | CVSS3: 7.4 | 0% Низкий | больше 3 лет назад |
 | BDU:2021-04197 Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю подделывать обновления надстроек | CVSS3: 7.4 | 0% Низкий | почти 9 лет назад |
 | SUSE-SU-2016:2513-1 Security update for MozillaFirefox | почти 9 лет назад | ||
| SUSE-SU-2016:2434-1 Security update for MozillaFirefox | почти 9 лет назад | ||
| SUSE-SU-2016:2431-1 Security update for MozillaFirefox | почти 9 лет назад | ||
| ELSA-2016-1912 ELSA-2016-1912: firefox security update (CRITICAL) | почти 9 лет назад | ||
| openSUSE-SU-2016:2368-1 Security update for MozillaFirefox, mozilla-nss | почти 9 лет назад |
Уязвимостей на страницу