ALT-BU-2025-1685-4
Branch c10f2 update bulletin.
Closed vulnerabilities
BDU:2023-05935
Уязвимость системы управления конфигурациями и удалённого выполнения операций SaltStack Salt, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить доступ к конфиденциальной информации
BDU:2024-04876
Уязвимость системы управления конфигурациями и удалённого выполнения операций Salt, связанная с возможностью обхода каталога, позволяющая нарушителю выполнить произвольный код
BDU:2024-04877
Уязвимость системы управления конфигурациями и удалённого выполнения операций Salt, связанная с созданием специальных URL-адресов, позволяющая нарушителю получить доступ к конфиденциальной информации
Modified: 2025-02-13
CVE-2023-20897
Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
- https://saltproject.io/security-announcements/2023-08-10-advisory/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
- https://saltproject.io/security-announcements/2023-08-10-advisory/
Modified: 2025-02-13
CVE-2023-20898
Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
- https://saltproject.io/security-announcements/2023-08-10-advisory/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/
- https://saltproject.io/security-announcements/2023-08-10-advisory/
Modified: 2026-04-15
CVE-2023-34049
The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script with the privileges of the user running Salt-SSH. Do not make the copy path on the target predictable and ensure we check return codes of the scp command if the copy fails.
Modified: 2026-04-15
CVE-2024-22231
Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master.
Modified: 2026-04-15
CVE-2024-22232
A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem.
Modified: 2024-06-27
GHSA-2qw3-2wv6-p64x
Path traversal in saltstack
Modified: 2024-11-14
GHSA-4277-m35q-7c9w
Salt preflight script could be attacker controlled
- https://nvd.nist.gov/vuln/detail/CVE-2023-34049
- https://github.com/saltstack/salt/commit/286d55eb5a6e6bf9428405bdf5632b419bdf8444
- https://github.com/saltstack/salt/commit/7a14112f2a16ce70e3c3e1862c92e37af5f2c7a4
- https://github.com/saltstack/salt
- https://saltproject.io/security-announcements/2023-10-27-advisory
Modified: 2024-06-27
GHSA-q27c-j6j9-53w3
Directory creation by malicious user in saltstack
Modified: 2025-02-13
GHSA-qvh6-3j7x-3hq7
Salt can cause Git Providers to get wrong data
- https://nvd.nist.gov/vuln/detail/CVE-2023-20898
- https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-169.yaml
- https://github.com/saltstack/salt
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
- https://saltproject.io/security-announcements/2023-08-10-advisory
Modified: 2025-02-13
GHSA-vpjg-wmf8-29h9
Salt vulnerable to denial of service
- https://nvd.nist.gov/vuln/detail/CVE-2023-20897
- https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2023-166.yaml
- https://github.com/saltstack/salt
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL
- https://saltproject.io/security-announcements/2023-08-10-advisory
Package thunderbird updated to version 128.4.2-alt0.p10.1 for branch c10f2 in task 367424.
Closed vulnerabilities
Modified: 2024-11-11
BDU:2024-02338
Уязвимость браузера Mozilla Firefox, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2025-09-23
BDU:2024-03786
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-07-24
BDU:2024-03791
Уязвимость функции getBoundName() JIT-компилятора браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2025-07-24
BDU:2024-03792
Уязвимость JIT-компилятора браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2024-11-26
BDU:2024-03795
Уязвимость реализации протокола HTTP/2 браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-03796
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-07-24
BDU:2024-03873
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-03908
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, связанная с отсутствием предупреждения об опасных действиях, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольный код
Modified: 2025-09-23
BDU:2024-03909
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2025-09-26
BDU:2024-04733
Уязвимость библиотеки PDF.js связанная с доступом к ресурсу через несовместимые типы, позволяющая нарушителю выполнить произвольный JavaScript-код
Modified: 2024-11-26
BDU:2024-05142
Уязвимость функции «Save As» («Сохранить как») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю оказать влияние на конфиденциальность и целостность защищаемой информации
Modified: 2024-11-26
BDU:2024-05143
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием скрытых побочных каналов, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-26
BDU:2024-05144
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками в настройках безопасности, позволяющая нарушителю обойти ограничения безопасности и провести атаку типа clickjacking («захват клика»)
Modified: 2024-11-26
BDU:2024-05145
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05167
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05168
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05169
Уязвимость интерфейса OffscreenCanvas браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
Modified: 2024-11-26
BDU:2024-05170
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-06289
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с позволяющая нарушителю выполнить выход из изолированной программной среды
Modified: 2026-01-20
BDU:2024-06291
Уязвимость полноэкранного режима уведомлений браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю проводить спуфинг атаки
Modified: 2026-01-20
BDU:2024-06292
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06463
Уязвимость компонента IndexedDB браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06464
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06481
Уязвимость библиотеки ANGLE браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2026-01-20
BDU:2024-06482
Уязвимость функции Date Picker («Выбор даты») браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю предоставить произвольные разрешения и получить несанкционированный доступ к данным или функциям
Modified: 2026-01-20
BDU:2024-06568
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с чтением за границами памяти, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-06570
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности и оказать влияние на конфиденциальность и целостность защищаемой информации
Modified: 2026-01-20
BDU:2024-06572
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-06672
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06673
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06674
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-05-06
BDU:2024-06675
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным ограничением операций в пределах буфера памяти, позволяющая нарушителю оказать влияние на работу системы
Modified: 2026-01-20
BDU:2024-06676
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю повысить свои привилегии
Modified: 2025-03-21
BDU:2024-06677
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с чтением за пределами границ памяти, позволяющая нарушителю оказать влияние на работу системы
Modified: 2026-01-20
BDU:2024-06697
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06698
Уязвимость внутренних интерфейсов событий браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю повысить свои привилегии
Modified: 2026-01-20
BDU:2024-06699
Уязвимость браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, существующая из-за ошибки типов при поиске имени свойства в блоке «with», позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06701
Уязвимость браузера Mozilla Firefox, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю проводить спуфинг атаки
Modified: 2026-01-20
BDU:2024-06703
Уязвимость компонента Garbage Collector («Сборщик мусора») браузера Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06731
Уязвимость браузера Firefox, Firefox ESR, связанная с путаницей типов при обработкеStructFields и ArrayTypes в WASM, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-06887
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-06888
Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостаточной проверкой различных типов элементов, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2024-11-26
BDU:2024-06889
Уязвимость веб-браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, связанная с ошибками преобразования типов данных, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2026-01-20
BDU:2024-07929
Уязвимость обработчика управления и синхронизации анимации на веб-страницах браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-08951
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю оказать влияние на конфиденциальность защищаемой информации
Modified: 2026-01-20
BDU:2024-08952
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-09017
Уязвимость компонента Frame Iterator веб-браузера Firefox, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-03-21
BDU:2024-09018
Уязвимость консоли набора инструментов для веб-разработки DevTools веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-09019
Уязвимость компонента Nested iFrame Handler веб-браузера Firefox, связанная с неправильным атрибутом SameSite в файле cookie, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09020
Уязвимость компонента Form Validation Popup Handler веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09021
Уязвимость веб-браузера Firefox, связанная с небезопасным внешним контролем за критическими данными состояния, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09022
Уязвимость веб-браузера Firefox, связанная с освобождением неверного указателя, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09023
Уязвимость компонента буфера обмена веб-браузера Firefox, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-09264
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2026-01-20
BDU:2024-09265
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2026-01-20
BDU:2024-09266
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2026-01-20
BDU:2024-09267
Уязвимость реализации прикладного программного интерфейса браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-09268
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и поучить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-09269
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
Modified: 2026-01-20
BDU:2024-09290
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности, поучить несанкционированный доступ к защищаемой информации и выполнить произвольный код
Modified: 2026-01-20
BDU:2024-09291
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольный код
Modified: 2026-01-20
BDU:2024-09294
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-09311
Уязвимость функции Window.open() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-09442
Уязвимость веб-браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-03-21
BDU:2024-09443
Уязвимость почтового клиента Thunderbird, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-09-30
BDU:2024-09869
Уязвимость набора библиотек разработки приложений NSS веб-браузера Firefox и почтового клиента Thunderbird, связанная с выделением неограниченной памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09870
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2025-00343
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2026-01-20
BDU:2025-00962
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00963
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00965
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00966
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2025-00967
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с недостатком в механизме подтверждения источника, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2025-00972
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2026-01-20
BDU:2025-00973
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2026-01-20
BDU:2025-01014
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с раскрытием информации через несоответствие, позволяющая нарушителю получить доступ к потенциально конфиденциальной информации
Modified: 2025-11-03
CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1921733
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10459
An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1919087
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1912537
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10461
In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1914521
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10462
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920423
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10463
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920800
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10464
Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1913000
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10465
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918853
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10466
By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1924154
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10467
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-04-01
CVE-2024-2609
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1866100
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1866100
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3302
There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1881183
- https://kb.cert.org/vuls/id/421644
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1881183
- https://kb.cert.org/vuls/id/421644
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3852
GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883542
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883542
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3854
In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1884552
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1884552
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3857
The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886683
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886683
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3859
On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1874489
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1874489
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3861
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883158
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883158
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-03-28
CVE-2024-3863
The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1885855
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1885855
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3864
Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888333
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888333
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-24
CVE-2024-4367
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- http://seclists.org/fulldisclosure/2024/Aug/30
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
- https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
- https://github.com/gogs/gogs/issues/7928
- https://github.com/mozilla/pdf.js/releases/tag/v4.2.67
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.exploit-db.com/exploits/52273
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4767
If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1878577
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1878577
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4768
A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886082
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886082
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886108
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886108
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4770
When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893270
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893270
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-03-13
CVE-2024-4777
Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1878199%2C1893340
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1878199%2C1893340
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-04
CVE-2024-5688
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-26
CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-19
CVE-2024-5691
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5692
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5693
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-11-06
CVE-2024-5696
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-04-04
CVE-2024-5700
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-04-04
CVE-2024-5702
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-09-26
CVE-2024-6600
Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6601
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-03
CVE-2024-6602
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6603
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6604
Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6606
Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902305
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902305
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-07-16
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1694513
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1694513
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-25
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-03
CVE-2024-6609
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-18
CVE-2024-6610
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6611
A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1844827
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1844827
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6612
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880374
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880374
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6613
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1900523
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1900523
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6614
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902983
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902983
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6615
Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2024-10-29
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7519
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902307
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-24
CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7521
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1904644
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7522
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906727
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7525
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909298
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-09-17
CVE-2024-7526
ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1910306
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-18
CVE-2024-7527
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871303
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7528
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7529
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1903187
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-11-04
CVE-2024-8381
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1912715
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906744
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8384
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1911288
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2024-09-06
CVE-2024-8385
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2024-10-30
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1907032
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909163
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909529
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
Modified: 2024-09-06
CVE-2024-8387
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2025-03-19
CVE-2024-8394
When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 128.2.
Modified: 2025-03-18
CVE-2024-8900
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
Modified: 2025-11-03
CVE-2024-9392
A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1899154
- https://bugzilla.mozilla.org/show_bug.cgi?id=1905843
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-11-03
CVE-2024-9393
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918301
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-11-03
CVE-2024-9394
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918874
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-04-04
CVE-2024-9396
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9397
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9398
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-14
CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-04-04
CVE-2024-9400
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-11-03
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-04-04
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2025-11-04
CVE-2024-9680
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1923344
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039
- https://www.mozilla.org/security/advisories/mfsa2024-51/
- https://www.mozilla.org/security/advisories/mfsa2024-52/
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281992
- https://lists.debian.org/debian-lts-announce/2024/10/msg00005.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9680
Modified: 2025-04-25
GHSA-wgrm-67xf-hhpq
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF
- https://github.com/mozilla/pdf.js/security/advisories/GHSA-wgrm-67xf-hhpq
- https://nvd.nist.gov/vuln/detail/CVE-2024-4367
- https://github.com/gogs/gogs/issues/7928
- https://github.com/mozilla/pdf.js/pull/18015
- https://github.com/mozilla/pdf.js/commit/85e64b5c16c9aaef738f421733c12911a441cec6
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
- https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js
- https://github.com/mozilla/pdf.js
- https://github.com/mozilla/pdf.js/releases/tag/v4.2.67
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.exploit-db.com/exploits/52273
- https://www.mozilla.org/security/advisories/mfsa2024-21
- https://www.mozilla.org/security/advisories/mfsa2024-22
- https://www.mozilla.org/security/advisories/mfsa2024-23
- http://seclists.org/fulldisclosure/2024/Aug/30
Closed bugs
Открывается слишком большое окно менеджера PGP ключей
Не отображается иконка thunderbird при запуске из терминала
Closed bugs
Lucidor не запускается
Closed vulnerabilities
Modified: 2024-11-26
BDU:2023-06938
Уязвимость реализации стандартов PKCS#1 v1.5, OAEP и RSASVP набора библиотек NSS (Network Security Services), позволяющая нарушителю реализовать атаку Блейхенбахера (Bleichenbacher) или атаку Марвина (Marvin)
Modified: 2025-03-21
BDU:2023-07274
Уязвимость полноэкранного режима браузера Firefox, позволяющая нарушителю проводить спуфинг-атаки
Modified: 2025-03-21
BDU:2023-07275
Уязвимость браузера Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2023-07276
Уязвимость браузера Firefox, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2025-03-21
BDU:2023-07277
Уязвимость браузера Firefox, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2025-02-07
BDU:2023-07278
Уязвимость реализации прикладного программного интерфейса для 3D-графики WebGL браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-11
BDU:2023-07279
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
Modified: 2024-11-11
BDU:2023-07280
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2024-11-11
BDU:2023-07281
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-04-02
BDU:2023-07282
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, связанная с недостаточным предупреждением об опасных действиях, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-11
BDU:2023-07283
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-04-02
BDU:2023-07284
Уязвимость полноэкранного режима браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю проводить спуфинг-атаки
Modified: 2024-11-11
BDU:2023-08086
Уязвимость метода WebGL2RenderingContext.blitFramebuffer() интерфейса WebGL2 браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-11
BDU:2023-08087
Уязвимость полноэкранного режима браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2024-11-11
BDU:2023-08088
Уязвимость системы графического отображения X11 браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
Modified: 2025-07-24
BDU:2023-08115
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-11
BDU:2023-08116
Уязвимость функции MessagePort::Entangled() браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании или оказать иное воздействие
Modified: 2025-03-21
BDU:2023-08142
Уязвимость режима HTTPS-only Mode браузера Firefox, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2025-03-21
BDU:2023-08320
Уязвимость браузера Mozilla Firefox, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2023-08321
Уязвимость браузера Mozilla Firefox, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю проводить фишинг-атаки
Modified: 2024-11-11
BDU:2023-08322
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверным ограничением имени пути с символами "/.. /", позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-11
BDU:2023-08332
Уязвимость функции ReadableByteStreams браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
BDU:2023-08952
Уязвимость push-уведомлений браузера Mozilla Firefox операционных систем Android, позволяющая нарушителю получить несанкционированный доступ к ограниченным функциям
Modified: 2025-03-21
BDU:2023-08959
Уязвимость изолированной среды iframe браузера Mozilla Firefox, позволяющая нарушителю обойти существующие ограничения безопасности
Modified: 2024-11-11
BDU:2023-09018
Уязвимость браузеров Firefox, Firefox ESR, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2024-11-11
BDU:2023-09031
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с нарушением начальной границы буфера, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность данных
Modified: 2024-11-11
BDU:2023-09055
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
BDU:2023-09056
Уязвимость службы сетевой безопасности NSS браузера Mozilla Firefox, позволяющая нарушителю получить доступ к конфиденциальной информации
Modified: 2025-03-21
BDU:2023-09057
Уязвимость браузера Mozilla Firefox, связанная с недостатками в обработке исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-11
BDU:2023-09058
Уязвимость компонента VideoBridge браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти защитный механизм защиты изолированной программной среды
Modified: 2024-11-11
BDU:2023-09059
Уязвимость режима инкогнито браузеров Mozilla Firefox, Firefox ESR, связанная с использованием неинициализированных переменных, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2024-11-11
BDU:2023-09115
Уязвимость функции nsTextFragment браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-11
BDU:2023-09116
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после её освобождения, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-11
BDU:2023-09117
Уязвимость метода nsWindow::PickerOpen(void) браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-11
BDU:2023-09118
Уязвимость функции ShutdownObserver() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-11
BDU:2023-09119
Уязвимость метода WebGL DrawElementsInstanced браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2025-03-21
BDU:2023-09126
Уязвимость полноэкранных уведомлений браузера Mozilla Firefox и Firefox Focus операционных систем Android, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-03-21
BDU:2023-09127
Уязвимость браузера Mozilla Firefox и Firefox Focus, связанная с отсутствием предупреждения при переходе к новому обработчику, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2026-04-09
BDU:2024-00031
Уязвимость браузера Mozilla, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-00059
Уязвимость заголовок вкладок браузера Mozilla Firefox, позволяющая нарушителю раскрыть защищаемую информацию
BDU:2024-00726
Уязвимость браузера Mozilla Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-00729
Уязвимость реализации технологии WASM браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-11
BDU:2024-00730
Уязвимость реализации механизма HSTS (HTTP Strict Transport Security) браузервов Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти механизмы защиты
Modified: 2024-11-11
BDU:2024-00803
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-00804
Уязвимость браузера Mozilla Firefox, связанная с непроверенным возвращаемым значением, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-11
BDU:2024-00805
Уязвимость набора инструментов для веб-разработки DevTools браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю повысить привилегии
Modified: 2025-03-21
BDU:2024-00806
Уязвимость браузера Mozilla Firefox, связанная с недостатками разграничения доступа, позволяющая нарушителю установить произвольный URI в адресной строке или истории браузера
Modified: 2024-11-11
BDU:2024-00807
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками в настройках безопасности, позволяющая нарушителю обойти существующие ограничения безопасности
Modified: 2024-11-11
BDU:2024-00808
Уязвимость библиотеки ANGLE браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-00809
Уязвимость компонента WebAudio браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2024-11-11
BDU:2024-00810
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-00811
Уязвимость браузера Mozilla Firefox, связанная с разыменованием недоверенного указателя, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-11
BDU:2024-00812
Уязвимость изолированной среды iframe браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и изменить CSP (Content Security Policy)
Modified: 2024-11-11
BDU:2024-00813
Уязвимость всплывающих уведомлений браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю предоставить разрешения для веб-сайта
Modified: 2024-11-11
BDU:2024-00814
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю провести спуфинг-атаки
Modified: 2024-11-11
BDU:2024-01619
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки
Modified: 2024-11-11
BDU:2024-01659
Уязвимость полноэкранного режима браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю проводить спуфинг-атаки
Modified: 2024-11-11
BDU:2024-01660
Уязвимость реализации отображения курсора браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить произвольные разрешения на веб-сайте без согласия пользователя
Modified: 2025-02-07
BDU:2024-01661
Уязвимость реализации прикладного программного интерфейса браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю отобразить alertdialog на другом веб-сайте
Modified: 2024-11-11
BDU:2024-01662
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверным ограничением визуализируемых слоев или фреймов пользовательского интерфейса, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-11
BDU:2024-01663
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверной нейтрализацией особых элементов в выходных данных, используемых входящим компонентом, позволяющая нарушителю внедрить произвольные HTTP-заголовки
Modified: 2024-09-24
BDU:2024-01664
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неверной нейтрализацией особых элементов в выходных данных, используемых входящим компонентом, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-11
BDU:2024-01815
Уязвимость браузера Mozilla Firefox, Firefox ESR, Thunderbird, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-01816
Уязвимость браузера Mozilla Firefox связанная с ошибками при обработке SameSite cookies, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2025-03-21
BDU:2024-01817
Уязвимость функции fetch браузера Mozilla Firefox связанная с ошибками управления ресурсом, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2025-03-21
BDU:2024-01818
Уязвимость встроенного профилировщика браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-01819
Уязвимость браузера Mozilla Firefox связанная с выходом операции за границы буфера, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-14
BDU:2024-02304
Уязвимость браузеров Mozilla Firefox и Firefox ESR, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код
Modified: 2025-03-21
BDU:2024-02305
Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-02315
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-02316
Уязвимость функций AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding() и AppendEncodedCharacters() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-02321
Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-02323
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-26
BDU:2024-02327
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-02329
Уязвимость службы регистрации ошибок Windows Error Reporter браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-02333
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-02334
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю получить разрешения от пользователя
Modified: 2024-11-11
BDU:2024-02338
Уязвимость браузера Mozilla Firefox, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2025-03-21
BDU:2024-02341
Уязвимость браузера Mozilla Firefox, связанная с некорректной обработкой значений регистра WASM, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-02360
Уязвимость браузера Mozilla Firefox, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03719
Уязвимость компонента JIT браузера Mozilla Firefox, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2025-03-21
BDU:2024-03720
Уязвимость реализации технологии WASM браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2025-09-23
BDU:2024-03786
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-07-24
BDU:2024-03791
Уязвимость функции getBoundName() JIT-компилятора браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2025-07-24
BDU:2024-03792
Уязвимость JIT-компилятора браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2025-03-21
BDU:2024-03793
Уязвимость компонента MarkStack обработчика JavaScript-сценариев браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03794
Уязвимость JIT-компилятора браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-03795
Уязвимость реализации протокола HTTP/2 браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-03796
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-07-24
BDU:2024-03873
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-03874
Уязвимость функции js::CheckTracedThing() JIT-компилятора браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03875
Уязвимость компонента Garbage Collector («Сборщик мусора») браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-03907
Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-03908
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, связанная с отсутствием предупреждения об опасных действиях, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольный код
Modified: 2025-09-23
BDU:2024-03909
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2024-04171
Уязвимость браузера Firefox for iOS, связанная с недостаточной проверкой входных данных, позволяющая нарушителю обойти ограничения безопасности и загружать произвольные страницы
BDU:2024-04172
Уязвимость браузера Firefox for iOS, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю добавить небезопасный элемент на страницу после определенной задержки времени
Modified: 2025-09-26
BDU:2024-04733
Уязвимость библиотеки PDF.js связанная с доступом к ресурсу через несовместимые типы, позволяющая нарушителю выполнить произвольный JavaScript-код
BDU:2024-05102
Уязвимость браузера Mozilla Firefox for Android, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности и оказать влияние на целостность защищаемой информации
Modified: 2024-11-26
BDU:2024-05142
Уязвимость функции «Save As» («Сохранить как») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю оказать влияние на конфиденциальность и целостность защищаемой информации
Modified: 2024-11-26
BDU:2024-05143
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием скрытых побочных каналов, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-26
BDU:2024-05144
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками в настройках безопасности, позволяющая нарушителю обойти ограничения безопасности и провести атаку типа clickjacking («захват клика»)
Modified: 2024-11-26
BDU:2024-05145
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05167
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05168
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05169
Уязвимость интерфейса OffscreenCanvas браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
Modified: 2024-11-26
BDU:2024-05170
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-06289
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с позволяющая нарушителю выполнить выход из изолированной программной среды
Modified: 2026-01-20
BDU:2024-06291
Уязвимость полноэкранного режима уведомлений браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю проводить спуфинг атаки
Modified: 2026-01-20
BDU:2024-06292
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06463
Уязвимость компонента IndexedDB браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06464
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2025-10-29
BDU:2024-06469
Уязвимость компоненте шифрования NSS браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю получить доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-06481
Уязвимость библиотеки ANGLE браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2026-01-20
BDU:2024-06482
Уязвимость функции Date Picker («Выбор даты») браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю предоставить произвольные разрешения и получить несанкционированный доступ к данным или функциям
Modified: 2026-03-04
BDU:2024-06483
Уязвимость компонента Garbage Collector («Сборщик мусора») браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06568
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с чтением за границами памяти, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-06569
Уязвимость компонента Content Security Policy браузеров Firefox, Firefox ESR, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
Modified: 2026-01-20
BDU:2024-06570
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности и оказать влияние на конфиденциальность и целостность защищаемой информации
BDU:2024-06571
Уязвимость браузера Mozilla Firefox, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю проводить спуфинг-атаки
Modified: 2026-01-20
BDU:2024-06572
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-26
BDU:2024-06672
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06673
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06674
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-05-06
BDU:2024-06675
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным ограничением операций в пределах буфера памяти, позволяющая нарушителю оказать влияние на работу системы
Modified: 2026-01-20
BDU:2024-06676
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю повысить свои привилегии
Modified: 2025-03-21
BDU:2024-06677
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с чтением за пределами границ памяти, позволяющая нарушителю оказать влияние на работу системы
BDU:2024-06696
Уязвимость полноэкранного режима уведомлений браузера Mozilla Firefox операционных систем Android, позволяющая нарушителю проводить спуфинг атаки
Modified: 2026-01-20
BDU:2024-06697
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06698
Уязвимость внутренних интерфейсов событий браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю повысить свои привилегии
Modified: 2026-01-20
BDU:2024-06699
Уязвимость браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, существующая из-за ошибки типов при поиске имени свойства в блоке «with», позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06700
Уязвимость браузера Firefox, Firefox ESR, связанная с отсутствием диалогового окна подтверждения при открытии связанных с Usenet схем "news:" и "snews:", позволяющая нарушителю загрузить произвольное приложение и выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06701
Уязвимость браузера Mozilla Firefox, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю проводить спуфинг атаки
Modified: 2026-03-04
BDU:2024-06702
Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06703
Уязвимость компонента Garbage Collector («Сборщик мусора») браузера Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06731
Уязвимость браузера Firefox, Firefox ESR, связанная с путаницей типов при обработкеStructFields и ArrayTypes в WASM, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06862
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с разыменованием указателя NULL, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06880
Уязвимость веб-браузера Firefox, связанная с некорректным ограничением визуализируемых слоев пользовательского интерфейса, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
Modified: 2025-03-21
BDU:2024-06881
Уязвимость веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-06882
Уязвимость веб-браузера Firefox, связанная с неправильной обработкой перекрытий между защищенными диапазонами памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06883
Уязвимость веб-браузера Firefox, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06884
Уязвимость веб-браузера Firefox, связанная с отсутствием обработчика, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06885
Уязвимость веб-браузера Firefox, связанная с использованием открытой переадресации, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06886
Уязвимость веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-06887
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-06888
Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостаточной проверкой различных типов элементов, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2024-11-26
BDU:2024-06889
Уязвимость веб-браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, связанная с ошибками преобразования типов данных, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-06890
Уязвимость компонента WebRTC веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06924
Уязвимость веб-браузера Firefox, связанная с недостаточной проверкой регистра, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06993
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-07929
Уязвимость обработчика управления и синхронизации анимации на веб-страницах браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю выполнить произвольный код
Modified: 2026-03-04
BDU:2024-08484
Уязвимость компонента Selection Node Cache браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-08951
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю оказать влияние на конфиденциальность защищаемой информации
Modified: 2026-01-20
BDU:2024-08952
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-09017
Уязвимость компонента Frame Iterator веб-браузера Firefox, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-03-21
BDU:2024-09018
Уязвимость консоли набора инструментов для веб-разработки DevTools веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-09019
Уязвимость компонента Nested iFrame Handler веб-браузера Firefox, связанная с неправильным атрибутом SameSite в файле cookie, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09020
Уязвимость компонента Form Validation Popup Handler веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09021
Уязвимость веб-браузера Firefox, связанная с небезопасным внешним контролем за критическими данными состояния, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09022
Уязвимость веб-браузера Firefox, связанная с освобождением неверного указателя, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09023
Уязвимость компонента буфера обмена веб-браузера Firefox, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09024
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09025
Уязвимость движка JavaScript веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-09026
Уязвимость страницы создания скриншотов веб-браузера Firefox, связанная с некорректным ограничением визуализируемых слоев пользовательского интерфейса, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2026-01-20
BDU:2024-09264
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2026-01-20
BDU:2024-09265
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2026-01-20
BDU:2024-09266
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2026-01-20
BDU:2024-09267
Уязвимость реализации прикладного программного интерфейса браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-09268
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и поучить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-09269
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
Modified: 2026-01-20
BDU:2024-09290
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности, поучить несанкционированный доступ к защищаемой информации и выполнить произвольный код
Modified: 2026-01-20
BDU:2024-09291
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольный код
Modified: 2025-08-13
BDU:2024-09292
Уязвимость полноэкранного режима (Full Screen Mode) браузера Mozilla Firefox Focus операционных систем Android, позволяющая нарушителю проводить спуфинг-атаки
BDU:2024-09293
Уязвимость браузера Mozilla Firefox операционных систем Android, связанная с ложным представлением критической информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки
Modified: 2026-01-20
BDU:2024-09294
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-03-04
BDU:2024-09310
Уязвимость браузера Mozilla Firefox и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-09311
Уязвимость функции Window.open() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-09442
Уязвимость веб-браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-09-30
BDU:2024-09869
Уязвимость набора библиотек разработки приложений NSS веб-браузера Firefox и почтового клиента Thunderbird, связанная с выделением неограниченной памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09870
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-11513
Уязвимость браузера Firefox, связанная с неправильным ограничением отображаемых слоев или фреймов пользовательского интерфейса, позволяющая нарушителю проводить спуфинг атаки
Modified: 2025-03-21
BDU:2025-00343
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2026-03-04
BDU:2025-00960
Уязвимость веб-браузера Firefox, почтового клиента Thunderbird, связанная с одновременным выполнением с использованием общего ресурса с неправильной синхронизацией, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00962
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00963
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00965
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00966
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2025-00967
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с недостатком в механизме подтверждения источника, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2025-00972
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2026-01-20
BDU:2025-00973
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2026-01-20
BDU:2025-01014
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с раскрытием информации через несоответствие, позволяющая нарушителю получить доступ к потенциально конфиденциальной информации
BDU:2025-02735
Уязвимость браузера Mozilla Firefox операционных систем Android, связанная с использованием открытой переадресации, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
Modified: 2026-03-04
BDU:2025-06223
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-03-04
BDU:2025-06230
Уязвимость браузера Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2026-03-04
BDU:2025-06660
Уязвимость браузера Mozilla Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-11-04
CVE-2023-5388
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1780432
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1780432
- https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2024-11-21
CVE-2023-5721
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1830820
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1830820
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
Modified: 2024-11-21
CVE-2023-5722
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5723
An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1802057
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1802057
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5724
Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1836705
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1836705
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
Modified: 2024-11-21
CVE-2023-5725
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1845739
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1845739
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
Modified: 2024-11-21
CVE-2023-5726
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846205
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846205
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
Modified: 2024-11-21
CVE-2023-5727
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1847180
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1847180
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
Modified: 2024-11-21
CVE-2023-5728
During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1852729
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1852729
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
Modified: 2024-11-21
CVE-2023-5729
A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823720
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823720
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5730
Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695
- https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html
- https://www.debian.org/security/2023/dsa-5535
- https://www.debian.org/security/2023/dsa-5538
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-46/
- https://www.mozilla.org/security/advisories/mfsa2023-47/
Modified: 2024-11-21
CVE-2023-5731
Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1690111%2C1721904%2C1851803%2C1854068
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1690111%2C1721904%2C1851803%2C1854068
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-6135
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1853908
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1853908
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6204
On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1841050
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1841050
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
Modified: 2024-11-21
CVE-2023-6205
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1854076
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1854076
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
Modified: 2024-11-21
CVE-2023-6206
The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1857430
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1857430
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
Modified: 2024-11-21
CVE-2023-6207
Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1861344
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1861344
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
Modified: 2024-11-21
CVE-2023-6208
When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1855345
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1855345
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
Modified: 2024-11-21
CVE-2023-6209
Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1858570
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1858570
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
Modified: 2024-11-21
CVE-2023-6210
When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1801501
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1801501
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6211
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1850200
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1850200
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6212
Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1658432%2C1820983%2C1829252%2C1856072%2C1856091%2C1859030%2C1860943%2C1862782
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1658432%2C1820983%2C1829252%2C1856072%2C1856091%2C1859030%2C1860943%2C1862782
- https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html
- https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html
- https://www.debian.org/security/2023/dsa-5561
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-50/
- https://www.mozilla.org/security/advisories/mfsa2023-52/
Modified: 2024-11-21
CVE-2023-6213
Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1849265%2C1851118%2C1854911
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1849265%2C1851118%2C1854911
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6856
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1843782
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1843782
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6857
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1796023
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1796023
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2025-05-07
CVE-2023-6858
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1826791
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1826791
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6859
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1840144
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1840144
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6860
The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1854669
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1854669
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6861
The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864118
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864118
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6863
The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868901
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868901
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6864
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1736385%2C1810805%2C1846328%2C1856090%2C1858033%2C1858509%2C1862089%2C1862777%2C1864015
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1736385%2C1810805%2C1846328%2C1856090%2C1858033%2C1858509%2C1862089%2C1862777%2C1864015
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-55/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6865
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864123
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864123
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6866
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849037
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849037
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6867
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1863863
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1863863
- https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5581
- https://www.mozilla.org/security/advisories/mfsa2023-54/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6868
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. *This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1865488
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1865488
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2025-05-07
CVE-2023-6869
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1799036
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1799036
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6870
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. *This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823316
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823316
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6871
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1828334
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1828334
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6872
Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849186
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849186
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6873
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2025-05-30
CVE-2024-0741
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864587
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864587
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-05-30
CVE-2024-0742
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1867152
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1867152
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-11-03
CVE-2024-0743
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1867408
- https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1867408
- https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2024-11-21
CVE-2024-0744
In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2024-11-21
CVE-2024-0745
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2025-06-20
CVE-2024-0746
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1660223
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1660223
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-05-22
CVE-2024-0747
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1764343
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1764343
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-06-11
CVE-2024-0748
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
Modified: 2025-05-22
CVE-2024-0749
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1813463
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1813463
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-06-20
CVE-2024-0750
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1863083
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1863083
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-06-20
CVE-2024-0751
A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1865689
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1865689
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-06-20
CVE-2024-0752
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2025-06-07
CVE-2024-0753
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1870262
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1870262
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://www.youtube.com/watch?v=JjMb7Z8ak2k
Modified: 2025-05-22
CVE-2024-0754
Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.
Modified: 2025-05-22
CVE-2024-0755
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1868456%2C1871445%2C1873701
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1868456%2C1871445%2C1873701
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
- https://www.mozilla.org/security/advisories/mfsa2024-01/
- https://www.mozilla.org/security/advisories/mfsa2024-02/
- https://www.mozilla.org/security/advisories/mfsa2024-04/
Modified: 2025-04-04
CVE-2024-10004
Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly This vulnerability affects Firefox for iOS < 131.2.
Modified: 2025-11-03
CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1921733
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10459
An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1919087
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1912537
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10461
In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1914521
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10462
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920423
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10463
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920800
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10464
Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1913000
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10465
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918853
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10466
By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1924154
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10467
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2024-11-04
CVE-2024-10468
Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132.
Modified: 2025-02-10
CVE-2024-10941
A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. This vulnerability affects Firefox < 126.
Modified: 2025-03-27
CVE-2024-1546
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1843752
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1843752
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-03-28
CVE-2024-1547
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1877879
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1877879
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-03-27
CVE-2024-1548
A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1832627
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1832627
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-03-27
CVE-2024-1549
If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1833814
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1833814
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-03-27
CVE-2024-1550
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1860065
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1860065
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-04-02
CVE-2024-1551
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864385
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1864385
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-03-27
CVE-2024-1552
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1874502
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1874502
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-03-27
CVE-2024-1553
Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286
- https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://www.mozilla.org/security/advisories/mfsa2024-06/
- https://www.mozilla.org/security/advisories/mfsa2024-07/
Modified: 2025-04-02
CVE-2024-1554
The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contain. Under the correct circumstances, an attacker may have been able to poison the local browser cache by priming it with a `fetch()` response controlled by the additional headers. Upon navigation to the same URL, the user would see the cached response instead of the expected response. This vulnerability affects Firefox < 123.
Modified: 2025-03-27
CVE-2024-1555
When opening a website using the `firefox://` protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox < 123.
Modified: 2025-03-27
CVE-2024-1556
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.
Modified: 2025-05-06
CVE-2024-1557
Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746471%2C1848829%2C1864011%2C1869175%2C1869455%2C1869938%2C1871606
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746471%2C1848829%2C1864011%2C1869175%2C1869455%2C1869938%2C1871606
- https://www.mozilla.org/security/advisories/mfsa2024-05/
Modified: 2025-04-01
CVE-2024-2605
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1872920
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1872920
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2025-04-01
CVE-2024-2606
Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.
Modified: 2025-04-01
CVE-2024-2607
Return registers were overwritten which could have allowed an attacker to execute arbitrary code. *Note:* This issue only affected Armv7-A systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1879939
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1879939
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2025-04-01
CVE-2024-2608
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880692
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880692
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2025-04-01
CVE-2024-2609
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1866100
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1866100
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-2610
Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871112
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871112
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2025-04-01
CVE-2024-2611
A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1876675
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1876675
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2025-07-17
CVE-2024-2612
If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1879444
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1879444
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2025-02-25
CVE-2024-2613
Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.
Modified: 2025-02-25
CVE-2024-2614
Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1685358%2C1861016%2C1880405%2C1881093
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1685358%2C1861016%2C1880405%2C1881093
- https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-12/
- https://www.mozilla.org/security/advisories/mfsa2024-13/
- https://www.mozilla.org/security/advisories/mfsa2024-14/
Modified: 2025-03-14
CVE-2024-2615
Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124.
Modified: 2025-04-01
CVE-2024-29943
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1.
- http://www.openwall.com/lists/oss-security/2024/03/23/1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886849
- https://www.mozilla.org/security/advisories/mfsa2024-15/
- http://www.openwall.com/lists/oss-security/2024/03/23/1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886849
- https://www.mozilla.org/security/advisories/mfsa2024-15/
Modified: 2025-04-01
CVE-2024-29944
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR < 115.9.1.
- http://www.openwall.com/lists/oss-security/2024/03/23/1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886852
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-15/
- https://www.mozilla.org/security/advisories/mfsa2024-16/
- http://www.openwall.com/lists/oss-security/2024/03/23/1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886852
- https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-15/
- https://www.mozilla.org/security/advisories/mfsa2024-16/
Modified: 2025-04-09
CVE-2024-31392
If an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status This vulnerability affects Firefox for iOS < 124.
Modified: 2025-04-09
CVE-2024-31393
Dragging Javascript URLs to the address bar could cause them to be loaded, bypassing restrictions and security protections This vulnerability affects Firefox for iOS < 124.
Modified: 2025-04-01
CVE-2024-3302
There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1881183
- https://kb.cert.org/vuls/id/421644
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1881183
- https://kb.cert.org/vuls/id/421644
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3852
GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883542
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883542
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-03-31
CVE-2024-3853
A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125.
Modified: 2025-04-01
CVE-2024-3854
In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1884552
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1884552
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-03-31
CVE-2024-3855
In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.
Modified: 2025-03-31
CVE-2024-3856
A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.
Modified: 2025-04-01
CVE-2024-3857
The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886683
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886683
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-03-31
CVE-2024-3858
It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125.
Modified: 2025-04-01
CVE-2024-3859
On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1874489
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1874489
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-03-31
CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.
Modified: 2025-04-01
CVE-2024-3861
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883158
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883158
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-03-31
CVE-2024-3862
The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox < 125.
Modified: 2025-03-28
CVE-2024-3863
The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1885855
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1885855
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-04-01
CVE-2024-3864
Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888333
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888333
- https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-19/
- https://www.mozilla.org/security/advisories/mfsa2024-20/
Modified: 2025-05-01
CVE-2024-3865
Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125.
Modified: 2025-04-24
CVE-2024-4367
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- http://seclists.org/fulldisclosure/2024/Aug/30
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
- https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
- https://github.com/gogs/gogs/issues/7928
- https://github.com/mozilla/pdf.js/releases/tag/v4.2.67
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.exploit-db.com/exploits/52273
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4764
Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox < 126.
Modified: 2025-04-04
CVE-2024-4765
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash collision to overwrite another application's manifest. This could have been exploited to run arbitrary code in another application's context. *This issue only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126.
Modified: 2025-04-04
CVE-2024-4766
Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
- https://www.mozilla.org/security/advisories/mfsa2024-21/
Modified: 2025-04-01
CVE-2024-4767
If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1878577
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1878577
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4768
A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886082
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886082
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886108
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886108
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4770
When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893270
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893270
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-01
CVE-2024-4771
A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126.
Modified: 2025-04-01
CVE-2024-4772
An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.
Modified: 2025-04-04
CVE-2024-4773
When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126.
Modified: 2025-03-28
CVE-2024-4774
The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox < 126.
Modified: 2025-04-01
CVE-2024-4775
An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 126.
Modified: 2025-04-01
CVE-2024-4776
A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox < 126.
Modified: 2025-03-13
CVE-2024-4777
Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1878199%2C1893340
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1878199%2C1893340
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://www.mozilla.org/security/advisories/mfsa2024-22/
- https://www.mozilla.org/security/advisories/mfsa2024-23/
Modified: 2025-04-04
CVE-2024-4778
Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1838834%2C1889291%2C1889595%2C1890204%2C1891545
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1838834%2C1889291%2C1889595%2C1890204%2C1891545
- https://www.mozilla.org/security/advisories/mfsa2024-21/
Modified: 2025-03-27
CVE-2024-5687
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the `Referer` and `Sec-*` headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 127.
Modified: 2025-04-04
CVE-2024-5688
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2024-11-21
CVE-2024-5689
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox < 127.
Modified: 2025-03-26
CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-19
CVE-2024-5691
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5692
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5693
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-14
CVE-2024-5694
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.
Modified: 2024-11-21
CVE-2024-5695
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox < 127.
Modified: 2025-11-06
CVE-2024-5696
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-13
CVE-2024-5697
A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.
Modified: 2025-03-14
CVE-2024-5698
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.
Modified: 2025-04-04
CVE-2024-5699
In violation of spec, cookie prefixes such as `__Secure` were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.
Modified: 2025-04-04
CVE-2024-5700
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-04-03
CVE-2024-5701
Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1890909%2C1891422%2C1893915%2C1894047%2C1896024
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1890909%2C1891422%2C1893915%2C1894047%2C1896024
- https://www.mozilla.org/security/advisories/mfsa2024-25/
Modified: 2025-04-04
CVE-2024-5702
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-09-26
CVE-2024-6600
Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6601
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-03
CVE-2024-6602
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6603
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6604
Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6605
Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128.
Modified: 2025-04-04
CVE-2024-6606
Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902305
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902305
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-07-16
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1694513
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1694513
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-25
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-03
CVE-2024-6609
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-18
CVE-2024-6610
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6611
A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1844827
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1844827
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6612
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880374
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880374
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6613
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1900523
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1900523
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6614
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902983
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902983
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6615
Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2024-10-29
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7519
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902307
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-24
CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7521
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1904644
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7522
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906727
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-14
CVE-2024-7523
A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. *This issue only affects Android versions of Firefox.* This vulnerability affects Firefox < 129.
Modified: 2025-03-25
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Modified: 2024-08-12
CVE-2024-7525
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909298
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-09-17
CVE-2024-7526
ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1910306
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-18
CVE-2024-7527
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871303
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7528
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7529
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1903187
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7530
Incorrect garbage collection interaction could have led to a use-after-free. This vulnerability affects Firefox < 129.
Modified: 2025-03-19
CVE-2024-7531
Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Modified: 2025-04-04
CVE-2024-7652
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1901411
- https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-04
CVE-2024-8381
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1912715
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906744
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1908496
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8384
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1911288
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2024-09-06
CVE-2024-8385
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2024-10-30
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1907032
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909163
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909529
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
Modified: 2024-09-06
CVE-2024-8387
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2024-10-30
CVE-2024-8388
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
Modified: 2024-09-04
CVE-2024-8389
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130.
Modified: 2025-03-19
CVE-2024-8897
Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1.
Modified: 2025-03-18
CVE-2024-8900
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
Modified: 2025-04-04
CVE-2024-9391
A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.
Modified: 2025-11-03
CVE-2024-9392
A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1899154
- https://bugzilla.mozilla.org/show_bug.cgi?id=1905843
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-11-03
CVE-2024-9393
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918301
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-11-03
CVE-2024-9394
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918874
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-04-04
CVE-2024-9395
A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.
Modified: 2025-04-04
CVE-2024-9396
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9397
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9398
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-14
CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-04-04
CVE-2024-9400
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-11-03
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-04-04
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2025-03-31
CVE-2024-9403
Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131.
Modified: 2025-11-04
CVE-2024-9680
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1923344
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039
- https://www.mozilla.org/security/advisories/mfsa2024-51/
- https://www.mozilla.org/security/advisories/mfsa2024-52/
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281992
- https://lists.debian.org/debian-lts-announce/2024/10/msg00005.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9680
Modified: 2025-03-31
CVE-2024-9936
When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to an exploitable crash. This vulnerability affects Firefox < 131.0.3.
Modified: 2026-04-13
CVE-2025-4093
Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox ESR 128.10 and Thunderbird 128.10.
Modified: 2026-04-13
CVE-2025-5263
Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1960745
- https://www.mozilla.org/security/advisories/mfsa2025-42/
- https://www.mozilla.org/security/advisories/mfsa2025-43/
- https://www.mozilla.org/security/advisories/mfsa2025-44/
- https://www.mozilla.org/security/advisories/mfsa2025-45/
- https://www.mozilla.org/security/advisories/mfsa2025-46/
- https://lists.debian.org/debian-lts-announce/2025/05/msg00043.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00046.html
Modified: 2026-04-13
CVE-2025-5269
Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox ESR 128.11 and Thunderbird 128.11.
Modified: 2025-04-25
GHSA-wgrm-67xf-hhpq
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF
- https://github.com/mozilla/pdf.js/security/advisories/GHSA-wgrm-67xf-hhpq
- https://nvd.nist.gov/vuln/detail/CVE-2024-4367
- https://github.com/gogs/gogs/issues/7928
- https://github.com/mozilla/pdf.js/pull/18015
- https://github.com/mozilla/pdf.js/commit/85e64b5c16c9aaef738f421733c12911a441cec6
- https://bugzilla.mozilla.org/show_bug.cgi?id=1893645
- https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js
- https://github.com/mozilla/pdf.js
- https://github.com/mozilla/pdf.js/releases/tag/v4.2.67
- https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html
- https://www.exploit-db.com/exploits/52273
- https://www.mozilla.org/security/advisories/mfsa2024-21
- https://www.mozilla.org/security/advisories/mfsa2024-22
- https://www.mozilla.org/security/advisories/mfsa2024-23
- http://seclists.org/fulldisclosure/2024/Aug/30
Closed bugs
Дублируется иконка при запуске браузера Firefox в сессии Xorg
Отображается 124.0 вместо 124.0.1
Описание пакета устарело
Не работает плагин КриптоПро ЭЦП Browser plug-in
Отсутствует иконка firefox на панели управления
Closed vulnerabilities
Modified: 2024-08-06
BDU:2024-02838
Уязвимость реализации прикладного программного интерфейса интерпретатора языка программирования Rust для операционных систем Windows, позволяющая нарушителю выполнить произвольный код
BDU:2024-06717
Уязвимость функция std::process::Command компонента File Extension языка программирования Rust операционных систем Windows, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-05
CVE-2024-24576
Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrusted arguments. No other platform or use is affected. The `Command::arg` and `Command::args` APIs state in their documentation that the arguments will be passed to the spawned process as-is, regardless of the content of the arguments, and will not be evaluated by a shell. This means it should be safe to pass untrusted input as an argument. On Windows, the implementation of this is more complex than other platforms, because the Windows API only provides a single string containing all the arguments to the spawned process, and it's up to the spawned process to split them. Most programs use the standard C run-time argv, which in practice results in a mostly consistent way arguments are splitted. One exception though is `cmd.exe` (used among other things to execute batch files), which has its own argument splitting logic. That forces the standard library to implement custom escaping for arguments passed to batch files. Unfortunately it was reported that our escaping logic was not thorough enough, and it was possible to pass malicious arguments that would result in arbitrary shell execution. Due to the complexity of `cmd.exe`, we didn't identify a solution that would correctly escape arguments in all cases. To maintain our API guarantees, we improved the robustness of the escaping code, and changed the `Command` API to return an `InvalidInput` error when it cannot safely escape an argument. This error will be emitted when spawning the process. The fix is included in Rust 1.77.2. Note that the new escaping logic for batch files errs on the conservative side, and could reject valid arguments. Those who implement the escaping themselves or only handle trusted inputs on Windows can also use the `CommandExt::raw_arg` method to bypass the standard library's escaping logic.
- http://www.openwall.com/lists/oss-security/2024/04/09/16
- https://doc.rust-lang.org/std/io/enum.ErrorKind.html#variant.InvalidInput
- https://doc.rust-lang.org/std/os/windows/process/trait.CommandExt.html#tymethod.raw_arg
- https://doc.rust-lang.org/std/process/struct.Command.html
- https://doc.rust-lang.org/std/process/struct.Command.html#method.arg
- https://doc.rust-lang.org/std/process/struct.Command.html#method.args
- https://github.com/rust-lang/rust/issues
- https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N323QAEEUVTJ354BTVQ7UB6LYXUX2BCL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPH3PF7DVSS2LVIRLW254VWUPVKJN46P/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W7WRFOIAZXYUPGXGR5UEEW7VTTOD4SZ3/
- https://www.rust-lang.org/policies/security
- http://www.openwall.com/lists/oss-security/2024/04/09/16
- https://doc.rust-lang.org/std/io/enum.ErrorKind.html#variant.InvalidInput
- https://doc.rust-lang.org/std/os/windows/process/trait.CommandExt.html#tymethod.raw_arg
- https://doc.rust-lang.org/std/process/struct.Command.html
- https://doc.rust-lang.org/std/process/struct.Command.html#method.arg
- https://doc.rust-lang.org/std/process/struct.Command.html#method.args
- https://github.com/rust-lang/rust/issues
- https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N323QAEEUVTJ354BTVQ7UB6LYXUX2BCL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPH3PF7DVSS2LVIRLW254VWUPVKJN46P/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W7WRFOIAZXYUPGXGR5UEEW7VTTOD4SZ3/
- https://www.kb.cert.org/vuls/id/123335
- https://www.rust-lang.org/policies/security
Modified: 2024-10-01
CVE-2024-43402
Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods (which are ignored and stripped by Windows). To determine whether to apply the `cmd.exe` escaping rules, the original fix for the vulnerability checked whether the command name ended with `.bat` or `.cmd`. At the time that seemed enough, as we refuse to invoke batch scripts with no file extension. Windows removes trailing whitespace and periods when parsing file paths. For example, `.bat. .` is interpreted by Windows as `.bat`, but the original fix didn't check for that. Affected users who are using Rust 1.77.2 or greater can remove the trailing whitespace (ASCII 0x20) and trailing periods (ASCII 0x2E) from the batch file name to bypass the incomplete fix and enable the mitigations. Users are affected if their code or one of their dependencies invoke a batch script on Windows with trailing whitespace or trailing periods in the name, and pass untrusted arguments to it. Rust 1.81.0 will update the standard library to apply the CVE-2024-24576 mitigations to all batch files invocations, regardless of the trailing chars in the file name.
Closed bugs
cargo run -Zbuild-std ожидает другой путь
Много неочевидных телодвижений при установке rust
Package firefox-esr updated to version 128.4.0-alt0.c10.1 for branch c10f2 in task 367424.
Closed vulnerabilities
Modified: 2025-03-21
BDU:2023-05100
Уязвимость браузера Mozilla Firefox, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить спуфинговую атаку
Modified: 2025-03-21
BDU:2023-07274
Уязвимость полноэкранного режима браузера Firefox, позволяющая нарушителю проводить спуфинг-атаки
Modified: 2025-03-21
BDU:2023-07275
Уязвимость браузера Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2023-07276
Уязвимость браузера Firefox, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2025-03-21
BDU:2023-07277
Уязвимость браузера Firefox, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2023-08142
Уязвимость режима HTTPS-only Mode браузера Firefox, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2025-03-21
BDU:2023-08320
Уязвимость браузера Mozilla Firefox, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2023-08321
Уязвимость браузера Mozilla Firefox, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю проводить фишинг-атаки
BDU:2023-08952
Уязвимость push-уведомлений браузера Mozilla Firefox операционных систем Android, позволяющая нарушителю получить несанкционированный доступ к ограниченным функциям
Modified: 2025-03-21
BDU:2023-08959
Уязвимость изолированной среды iframe браузера Mozilla Firefox, позволяющая нарушителю обойти существующие ограничения безопасности
BDU:2023-09056
Уязвимость службы сетевой безопасности NSS браузера Mozilla Firefox, позволяющая нарушителю получить доступ к конфиденциальной информации
Modified: 2025-03-21
BDU:2023-09057
Уязвимость браузера Mozilla Firefox, связанная с недостатками в обработке исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2023-09126
Уязвимость полноэкранных уведомлений браузера Mozilla Firefox и Firefox Focus операционных систем Android, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-03-21
BDU:2023-09127
Уязвимость браузера Mozilla Firefox и Firefox Focus, связанная с отсутствием предупреждения при переходе к новому обработчику, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2026-04-09
BDU:2024-00031
Уязвимость браузера Mozilla, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-00059
Уязвимость заголовок вкладок браузера Mozilla Firefox, позволяющая нарушителю раскрыть защищаемую информацию
BDU:2024-00726
Уязвимость браузера Mozilla Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-00729
Уязвимость реализации технологии WASM браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-00806
Уязвимость браузера Mozilla Firefox, связанная с недостатками разграничения доступа, позволяющая нарушителю установить произвольный URI в адресной строке или истории браузера
Modified: 2025-03-21
BDU:2024-00809
Уязвимость компонента WebAudio браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2025-03-21
BDU:2024-00811
Уязвимость браузера Mozilla Firefox, связанная с разыменованием недоверенного указателя, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-01816
Уязвимость браузера Mozilla Firefox связанная с ошибками при обработке SameSite cookies, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2025-03-21
BDU:2024-01817
Уязвимость функции fetch браузера Mozilla Firefox связанная с ошибками управления ресурсом, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2025-03-21
BDU:2024-01818
Уязвимость встроенного профилировщика браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-01819
Уязвимость браузера Mozilla Firefox связанная с выходом операции за границы буфера, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-02305
Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-02321
Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-02341
Уязвимость браузера Mozilla Firefox, связанная с некорректной обработкой значений регистра WASM, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-02360
Уязвимость браузера Mozilla Firefox, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03312
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03313
Уязвимость веб-браузера Firefox, связанная с неправильным освобождением памяти перед удалением последней ссылки, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-03314
Уязвимость веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03315
Уязвимость компонента Alternate Services веб-браузера Firefox, связанная с целочисленным переполнением, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-03-21
BDU:2024-03316
Уязвимость веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03719
Уязвимость компонента JIT браузера Mozilla Firefox, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2025-03-21
BDU:2024-03720
Уязвимость реализации технологии WASM браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2025-03-21
BDU:2024-03793
Уязвимость компонента MarkStack обработчика JavaScript-сценариев браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03794
Уязвимость JIT-компилятора браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03874
Уязвимость функции js::CheckTracedThing() JIT-компилятора браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-03875
Уязвимость компонента Garbage Collector («Сборщик мусора») браузера Mozilla Firefox, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-03907
Уязвимость браузера Mozilla Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
BDU:2024-04171
Уязвимость браузера Firefox for iOS, связанная с недостаточной проверкой входных данных, позволяющая нарушителю обойти ограничения безопасности и загружать произвольные страницы
BDU:2024-04172
Уязвимость браузера Firefox for iOS, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю добавить небезопасный элемент на страницу после определенной задержки времени
BDU:2024-05102
Уязвимость браузера Mozilla Firefox for Android, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности и оказать влияние на целостность защищаемой информации
Modified: 2024-11-26
BDU:2024-05142
Уязвимость функции «Save As» («Сохранить как») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю оказать влияние на конфиденциальность и целостность защищаемой информации
Modified: 2024-11-26
BDU:2024-05143
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием скрытых побочных каналов, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-26
BDU:2024-05144
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками в настройках безопасности, позволяющая нарушителю обойти ограничения безопасности и провести атаку типа clickjacking («захват клика»)
Modified: 2024-11-26
BDU:2024-05145
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05167
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05168
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-26
BDU:2024-05169
Уязвимость интерфейса OffscreenCanvas браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
Modified: 2024-11-26
BDU:2024-05170
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-06289
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с позволяющая нарушителю выполнить выход из изолированной программной среды
Modified: 2026-01-20
BDU:2024-06291
Уязвимость полноэкранного режима уведомлений браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю проводить спуфинг атаки
Modified: 2026-01-20
BDU:2024-06292
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06463
Уязвимость компонента IndexedDB браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06464
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2025-10-29
BDU:2024-06469
Уязвимость компоненте шифрования NSS браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю получить доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-06481
Уязвимость библиотеки ANGLE браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2026-01-20
BDU:2024-06482
Уязвимость функции Date Picker («Выбор даты») браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю предоставить произвольные разрешения и получить несанкционированный доступ к данным или функциям
Modified: 2026-01-20
BDU:2024-06568
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с чтением за границами памяти, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-06569
Уязвимость компонента Content Security Policy браузеров Firefox, Firefox ESR, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
Modified: 2026-01-20
BDU:2024-06570
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности и оказать влияние на конфиденциальность и целостность защищаемой информации
Modified: 2026-01-20
BDU:2024-06572
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06673
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06674
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2025-05-06
BDU:2024-06675
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным ограничением операций в пределах буфера памяти, позволяющая нарушителю оказать влияние на работу системы
Modified: 2026-01-20
BDU:2024-06676
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю повысить свои привилегии
Modified: 2025-03-21
BDU:2024-06677
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с чтением за пределами границ памяти, позволяющая нарушителю оказать влияние на работу системы
Modified: 2026-01-20
BDU:2024-06697
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06698
Уязвимость внутренних интерфейсов событий браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю повысить свои привилегии
Modified: 2026-01-20
BDU:2024-06699
Уязвимость браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, существующая из-за ошибки типов при поиске имени свойства в блоке «with», позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06700
Уязвимость браузера Firefox, Firefox ESR, связанная с отсутствием диалогового окна подтверждения при открытии связанных с Usenet схем "news:" и "snews:", позволяющая нарушителю загрузить произвольное приложение и выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06701
Уязвимость браузера Mozilla Firefox, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю проводить спуфинг атаки
Modified: 2026-01-20
BDU:2024-06703
Уязвимость компонента Garbage Collector («Сборщик мусора») браузера Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06731
Уязвимость браузера Firefox, Firefox ESR, связанная с путаницей типов при обработкеStructFields и ArrayTypes в WASM, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-06862
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с разыменованием указателя NULL, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06880
Уязвимость веб-браузера Firefox, связанная с некорректным ограничением визуализируемых слоев пользовательского интерфейса, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
Modified: 2025-03-21
BDU:2024-06881
Уязвимость веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-06882
Уязвимость веб-браузера Firefox, связанная с неправильной обработкой перекрытий между защищенными диапазонами памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06883
Уязвимость веб-браузера Firefox, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06884
Уязвимость веб-браузера Firefox, связанная с отсутствием обработчика, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06885
Уязвимость веб-браузера Firefox, связанная с использованием открытой переадресации, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06886
Уязвимость веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06890
Уязвимость компонента WebRTC веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06924
Уязвимость веб-браузера Firefox, связанная с недостаточной проверкой регистра, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-06993
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-07929
Уязвимость обработчика управления и синхронизации анимации на веб-страницах браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю выполнить произвольный код
Modified: 2026-01-20
BDU:2024-08951
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю оказать влияние на конфиденциальность защищаемой информации
Modified: 2026-01-20
BDU:2024-08952
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2025-03-21
BDU:2024-09017
Уязвимость компонента Frame Iterator веб-браузера Firefox, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-03-21
BDU:2024-09018
Уязвимость консоли набора инструментов для веб-разработки DevTools веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-09019
Уязвимость компонента Nested iFrame Handler веб-браузера Firefox, связанная с неправильным атрибутом SameSite в файле cookie, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09020
Уязвимость компонента Form Validation Popup Handler веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09021
Уязвимость веб-браузера Firefox, связанная с небезопасным внешним контролем за критическими данными состояния, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09022
Уязвимость веб-браузера Firefox, связанная с освобождением неверного указателя, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09023
Уязвимость компонента буфера обмена веб-браузера Firefox, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09024
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09025
Уязвимость движка JavaScript веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным
Modified: 2025-03-21
BDU:2024-09026
Уязвимость страницы создания скриншотов веб-браузера Firefox, связанная с некорректным ограничением визуализируемых слоев пользовательского интерфейса, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2026-01-20
BDU:2024-09264
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
Modified: 2026-01-20
BDU:2024-09265
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2026-01-20
BDU:2024-09266
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2026-01-20
BDU:2024-09267
Уязвимость реализации прикладного программного интерфейса браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-09268
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и поучить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-09269
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
Modified: 2026-01-20
BDU:2024-09290
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности, поучить несанкционированный доступ к защищаемой информации и выполнить произвольный код
Modified: 2026-01-20
BDU:2024-09291
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольный код
Modified: 2026-01-20
BDU:2024-09294
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2024-09311
Уязвимость функции Window.open() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2024-09442
Уязвимость веб-браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2025-09-30
BDU:2024-09869
Уязвимость набора библиотек разработки приложений NSS веб-браузера Firefox и почтового клиента Thunderbird, связанная с выделением неограниченной памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2025-03-21
BDU:2024-09870
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00962
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с записью за границами буфера, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00963
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00965
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2026-01-20
BDU:2025-00966
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2025-00967
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с недостатком в механизме подтверждения источника, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2026-01-20
BDU:2025-00972
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2026-01-20
BDU:2025-00973
Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю оказать воздействие на целостность данных
Modified: 2026-01-20
BDU:2025-01014
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с раскрытием информации через несоответствие, позволяющая нарушителю получить доступ к потенциально конфиденциальной информации
Modified: 2024-11-21
CVE-2023-4058
Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1819160%2C1828024
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-29/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1819160%2C1828024
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-29/
Modified: 2024-11-21
CVE-2023-4579
Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox < 117.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1842766
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-34/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1842766
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-34/
Modified: 2024-11-21
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846686
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846686
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2025-05-01
CVE-2023-5172
A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1852218
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1852218
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2024-11-21
CVE-2023-5173
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823172
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823172
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2025-05-01
CVE-2023-5175
During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849704
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849704
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2024-11-21
CVE-2023-5722
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5723
An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1802057
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1802057
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5729
A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823720
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823720
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5731
Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1690111%2C1721904%2C1851803%2C1854068
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1690111%2C1721904%2C1851803%2C1854068
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-6135
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1853908
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1853908
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6210
When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1801501
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1801501
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6211
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1850200
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1850200
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6213
Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1849265%2C1851118%2C1854911
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1849265%2C1851118%2C1854911
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6866
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849037
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849037
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6868
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. *This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1865488
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1865488
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2025-05-07
CVE-2023-6869
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1799036
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1799036
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6870
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. *This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823316
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823316
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6871
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1828334
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1828334
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6872
Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849186
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849186
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6873
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2024-0744
In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2024-11-21
CVE-2024-0745
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2025-06-11
CVE-2024-0748
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
Modified: 2025-06-20
CVE-2024-0752
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2025-05-22
CVE-2024-0754
Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.
Modified: 2025-11-03
CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1921733
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10459
An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1919087
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1912537
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10461
In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1914521
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10462
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920423
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10463
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920800
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10464
Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1913000
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10465
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918853
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10466
By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1924154
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-11-03
CVE-2024-10467
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00034.html
- https://lists.debian.org/debian-lts-announce/2024/11/msg00001.html
Modified: 2025-02-10
CVE-2024-10941
A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. This vulnerability affects Firefox < 126.
Modified: 2025-04-02
CVE-2024-1554
The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contain. Under the correct circumstances, an attacker may have been able to poison the local browser cache by priming it with a `fetch()` response controlled by the additional headers. Upon navigation to the same URL, the user would see the cached response instead of the expected response. This vulnerability affects Firefox < 123.
Modified: 2025-03-27
CVE-2024-1555
When opening a website using the `firefox://` protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox < 123.
Modified: 2025-03-27
CVE-2024-1556
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.
Modified: 2025-05-06
CVE-2024-1557
Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746471%2C1848829%2C1864011%2C1869175%2C1869455%2C1869938%2C1871606
- https://www.mozilla.org/security/advisories/mfsa2024-05/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746471%2C1848829%2C1864011%2C1869175%2C1869455%2C1869938%2C1871606
- https://www.mozilla.org/security/advisories/mfsa2024-05/
Modified: 2025-04-01
CVE-2024-2606
Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.
Modified: 2025-02-25
CVE-2024-2613
Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.
Modified: 2025-03-14
CVE-2024-2615
Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124.
Modified: 2025-04-01
CVE-2024-29943
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1.
- http://www.openwall.com/lists/oss-security/2024/03/23/1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886849
- https://www.mozilla.org/security/advisories/mfsa2024-15/
- http://www.openwall.com/lists/oss-security/2024/03/23/1
- https://bugzilla.mozilla.org/show_bug.cgi?id=1886849
- https://www.mozilla.org/security/advisories/mfsa2024-15/
Modified: 2025-04-09
CVE-2024-31392
If an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status This vulnerability affects Firefox for iOS < 124.
Modified: 2025-04-09
CVE-2024-31393
Dragging Javascript URLs to the address bar could cause them to be loaded, bypassing restrictions and security protections This vulnerability affects Firefox for iOS < 124.
Modified: 2025-03-31
CVE-2024-3853
A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125.
Modified: 2025-03-31
CVE-2024-3855
In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.
Modified: 2025-03-31
CVE-2024-3856
A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.
Modified: 2025-03-31
CVE-2024-3858
It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125.
Modified: 2025-03-31
CVE-2024-3860
An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.
Modified: 2025-03-31
CVE-2024-3862
The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox < 125.
Modified: 2025-05-01
CVE-2024-3865
Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125.
Modified: 2025-04-01
CVE-2024-4764
Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox < 126.
Modified: 2025-04-04
CVE-2024-4765
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash collision to overwrite another application's manifest. This could have been exploited to run arbitrary code in another application's context. *This issue only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126.
Modified: 2025-04-04
CVE-2024-4766
Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 126.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
- https://www.mozilla.org/security/advisories/mfsa2024-21/
Modified: 2025-04-01
CVE-2024-4771
A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126.
Modified: 2025-04-01
CVE-2024-4772
An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.
Modified: 2025-04-04
CVE-2024-4773
When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126.
Modified: 2025-03-28
CVE-2024-4774
The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox < 126.
Modified: 2025-04-01
CVE-2024-4775
An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 126.
Modified: 2025-04-01
CVE-2024-4776
A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox < 126.
Modified: 2025-04-04
CVE-2024-4778
Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1838834%2C1889291%2C1889595%2C1890204%2C1891545
- https://www.mozilla.org/security/advisories/mfsa2024-21/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1838834%2C1889291%2C1889595%2C1890204%2C1891545
- https://www.mozilla.org/security/advisories/mfsa2024-21/
Modified: 2025-03-27
CVE-2024-5687
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the `Referer` and `Sec-*` headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 127.
Modified: 2025-04-04
CVE-2024-5688
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2024-11-21
CVE-2024-5689
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox < 127.
Modified: 2025-03-26
CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-19
CVE-2024-5691
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5692
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5693
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-14
CVE-2024-5694
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.
Modified: 2024-11-21
CVE-2024-5695
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox < 127.
Modified: 2025-11-06
CVE-2024-5696
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-13
CVE-2024-5697
A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.
Modified: 2025-03-14
CVE-2024-5698
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.
Modified: 2025-04-04
CVE-2024-5699
In violation of spec, cookie prefixes such as `__Secure` were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.
Modified: 2025-04-04
CVE-2024-5700
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1862809%2C1889355%2C1893388%2C1895123
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-04-03
CVE-2024-5701
Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1890909%2C1891422%2C1893915%2C1894047%2C1896024
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1890909%2C1891422%2C1893915%2C1894047%2C1896024
- https://www.mozilla.org/security/advisories/mfsa2024-25/
Modified: 2025-04-04
CVE-2024-5702
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-09-26
CVE-2024-6600
Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6601
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-03
CVE-2024-6602
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6603
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6604
Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6605
Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128.
Modified: 2025-04-04
CVE-2024-6606
Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902305
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902305
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-07-16
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1694513
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1694513
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-25
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-03
CVE-2024-6609
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://lists.debian.org/debian-lts-announce/2024/10/msg00028.html
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-18
CVE-2024-6610
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6611
A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1844827
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1844827
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6612
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880374
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1880374
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6613
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1900523
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1900523
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6614
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902983
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902983
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-04-04
CVE-2024-6615
Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2024-10-29
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7519
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902307
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-24
CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7521
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1904644
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7522
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906727
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-25
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Modified: 2024-08-12
CVE-2024-7525
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909298
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-09-17
CVE-2024-7526
ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1910306
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-18
CVE-2024-7527
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871303
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7528
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7529
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1903187
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-19
CVE-2024-7531
Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Modified: 2025-04-04
CVE-2024-7652
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1901411
- https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-11-04
CVE-2024-8381
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1912715
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906744
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1908496
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2025-11-04
CVE-2024-8384
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1911288
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
- https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
- https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html
Modified: 2024-09-06
CVE-2024-8385
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2024-10-30
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1907032
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909163
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909529
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
Modified: 2024-09-06
CVE-2024-8387
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2025-03-18
CVE-2024-8900
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
Modified: 2025-11-03
CVE-2024-9392
A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1899154
- https://bugzilla.mozilla.org/show_bug.cgi?id=1905843
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-11-03
CVE-2024-9393
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918301
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-11-03
CVE-2024-9394
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918874
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-04-04
CVE-2024-9396
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9397
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9398
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-14
CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-04-04
CVE-2024-9400
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-11-03
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
Modified: 2025-04-04
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2025-11-04
CVE-2024-9680
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1923344
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039
- https://www.mozilla.org/security/advisories/mfsa2024-51/
- https://www.mozilla.org/security/advisories/mfsa2024-52/
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281992
- https://lists.debian.org/debian-lts-announce/2024/10/msg00005.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9680
Closed bugs
Не работает плагин КриптоПро ЭЦП Browser plug-in
Отсутствует иконка firefox на панели управления
Package aardvark-dns updated to version 1.12.2-alt1 for branch c10f2 in task 367424.
Closed vulnerabilities
Modified: 2024-09-13
BDU:2024-06718
Уязвимость DNS-сервера Aardvark-dns, связанная с неконтролируемым расходом ресурсов при открытом TCP-соединениz не ограниченного по времени, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-05-13
CVE-2024-8418
A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.
Modified: 2025-05-14
GHSA-g5jh-57wm-p79m
Missing connection timeout in Aardvark-dns
- https://nvd.nist.gov/vuln/detail/CVE-2024-8418
- https://github.com/containers/aardvark-dns/issues/500
- https://github.com/containers/aardvark-dns/pull/503
- https://github.com/containers/aardvark-dns/commit/aa109bbd6743abd7027e589cc4b871dd2dce7d50
- https://access.redhat.com/errata/RHSA-2025:7094
- https://access.redhat.com/security/cve/CVE-2024-8418
- https://bugzilla.redhat.com/show_bug.cgi?id=2309683
- https://github.com/containers/aardvark-dns
Closed bugs
nss собран без debuginfo
Closed vulnerabilities
Modified: 2025-12-26
BDU:2024-04108
Уязвимость сервиса управления доступом к удаленным каталогам и механизма аутентификации SSSD, связанная с неправильной авторизацией, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-11-03
CVE-2023-3758
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
- https://access.redhat.com/errata/RHSA-2024:1919
- https://access.redhat.com/errata/RHSA-2024:1920
- https://access.redhat.com/errata/RHSA-2024:1921
- https://access.redhat.com/errata/RHSA-2024:1922
- https://access.redhat.com/errata/RHSA-2024:2571
- https://access.redhat.com/errata/RHSA-2024:3270
- https://access.redhat.com/security/cve/CVE-2023-3758
- https://bugzilla.redhat.com/show_bug.cgi?id=2223762
- https://github.com/SSSD/sssd/pull/7302
- https://access.redhat.com/errata/RHSA-2024:1919
- https://access.redhat.com/errata/RHSA-2024:1920
- https://access.redhat.com/errata/RHSA-2024:1921
- https://access.redhat.com/errata/RHSA-2024:1922
- https://access.redhat.com/errata/RHSA-2024:2571
- https://access.redhat.com/errata/RHSA-2024:3270
- https://access.redhat.com/security/cve/CVE-2023-3758
- https://bugzilla.redhat.com/show_bug.cgi?id=2223762
- https://github.com/SSSD/sssd/pull/7302
- https://lists.debian.org/debian-lts-announce/2025/02/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RV3HIZI3SURBUQKSOOL3XE64OOBQ2HTK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEP62IDS7A55D5UHM6GH7QZ7SQFOAPVF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMORAO2BDDA5YX4ZLMXDZ7SM6KU47SY5/
Closed bugs
Добавить зависимость на sssd-dbus к sssd-tools
При обновлении sssd без перезапуска возникают проблемы
Closed vulnerabilities
Modified: 2026-04-15
CVE-2024-11029
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.
Package python3-module-rsa updated to version 4.9-alt2 for branch c10f2 in task 370558.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-25658
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658
- https://github.com/sybrenstuvel/python-rsa/issues/165
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SAF67KDGSOHLVFTRDOHNEAFDRSSYIWA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QY4PJWTYSOV7ZEYZVMYIF6XRU73CY6O7/
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658
- https://github.com/sybrenstuvel/python-rsa/issues/165
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SAF67KDGSOHLVFTRDOHNEAFDRSSYIWA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APF364QJ2IYLPDNVFBOEJ24QP2WLVLJP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QY4PJWTYSOV7ZEYZVMYIF6XRU73CY6O7/
Package cabextract updated to version 1.11-alt1 for branch c10f2 in task 370588.
Closed vulnerabilities
Modified: 2024-09-16
BDU:2019-01362
Уязвимость библиотеки Libmspack и утилиты разархивации CAB-файлов СabExtract, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2018-18584
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
- https://access.redhat.com/errata/RHSA-2019:2049
- https://bugs.debian.org/911640
- https://github.com/kyz/libmspack/commit/40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2
- https://lists.debian.org/debian-lts-announce/2018/10/msg00017.html
- https://security.gentoo.org/glsa/201903-20
- https://usn.ubuntu.com/3814-1/
- https://usn.ubuntu.com/3814-2/
- https://usn.ubuntu.com/3814-3/
- https://www.cabextract.org.uk/#changes
- https://www.openwall.com/lists/oss-security/2018/10/22/1
- https://www.starwindsoftware.com/security/sw-20181213-0001/
- https://access.redhat.com/errata/RHSA-2019:2049
- https://bugs.debian.org/911640
- https://github.com/kyz/libmspack/commit/40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2
- https://lists.debian.org/debian-lts-announce/2018/10/msg00017.html
- https://security.gentoo.org/glsa/201903-20
- https://usn.ubuntu.com/3814-1/
- https://usn.ubuntu.com/3814-2/
- https://usn.ubuntu.com/3814-3/
- https://www.cabextract.org.uk/#changes
- https://www.openwall.com/lists/oss-security/2018/10/22/1
- https://www.starwindsoftware.com/security/sw-20181213-0001/
Closed vulnerabilities
Modified: 2026-03-04
BDU:2025-01175
Уязвимость компонента ANSI Escape Sequence Handler распределенной системы управления версиями Git, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2026-03-04
BDU:2025-01177
Уязвимость распределенной системы управления версиями Git, связанная с недостатком механизма кодирования или экранирования выходных данных, позволяющая нарушителю раскрыть защищаемую информацию
Modified: 2025-12-18
CVE-2024-50349
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.
Modified: 2025-12-18
CVE-2024-52006
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way. This issue has been addressed in commit `b01b9b8` which is included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.
- https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g
- https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060
- https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q
- https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp
- https://lists.debian.org/debian-lts-announce/2025/01/msg00025.html
Closed vulnerabilities
Modified: 2023-11-21
BDU:2022-02373
Уязвимость реализации проверки регулярных выражений (regex для Rust) веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-05-28
BDU:2024-03122
Уязвимость библиотеки LibHTP, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-07-22
BDU:2024-05369
Уязвимость средства обнаружения и предотвращения вторжений Suricata, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-06841
Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-08255
Уязвимость системы обнаружения и предотвращения вторжений Suricata связанная с ошибками при проверке JA4-идентификатора, предоставляющего информацию о прикладном протоколе, который будет использован между клиентом и сервером, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-09-22
BDU:2024-11374
Уязвимость фильтра BPF системы обнаружения и предотвращения вторжений Suricata, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-08-13
BDU:2025-00134
Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с выходом операции за границы буфера, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-01-19
BDU:2025-00135
Уязвимость функции StreamingBufferSlideToOffsetWithRegions() системы обнаружения и предотвращения вторжений Suricata, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-01-19
BDU:2025-00136
Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с асимметричным потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-01-19
BDU:2025-00137
Уязвимость реализации протокола TCP системы обнаружения и предотвращения вторжений Suricata, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Modified: 2024-11-21
CVE-2022-24713
regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes.
- https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e
- https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8
- https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw
- https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html
- https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/
- https://security.gentoo.org/glsa/202208-08
- https://security.gentoo.org/glsa/202208-14
- https://www.debian.org/security/2022/dsa-5113
- https://www.debian.org/security/2022/dsa-5118
- https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e
- https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8
- https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw
- https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html
- https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ/
- https://security.gentoo.org/glsa/202208-08
- https://security.gentoo.org/glsa/202208-14
- https://www.debian.org/security/2022/dsa-5113
- https://www.debian.org/security/2022/dsa-5118
Modified: 2025-04-28
CVE-2024-28870
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in alert records. This issue has been patched in versions 6.0.17 and 7.0.4.
Modified: 2025-06-30
CVE-2024-28871
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Version 0.5.46 may parse malformed request traffic, leading to excessive CPU usage. Version 0.5.47 contains a patch for the issue. No known workarounds are available.
- https://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3ed
- https://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4d
- https://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmg
- https://redmine.openinfosecfoundation.org/issues/6757
- https://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3ed
- https://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4d
- https://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmg
- https://redmine.openinfosecfoundation.org/issues/6757
Modified: 2025-11-03
CVE-2024-32663
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. Workarounds include disabling the HTTP/2 parser and reducing `app-layer.protocols.http2.max-table-size` value (default is 65536).
- https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64
- https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd
- https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019
- https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5
- https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r
- https://redmine.openinfosecfoundation.org/issues/6892
- https://redmine.openinfosecfoundation.org/issues/6900
- https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64
- https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd
- https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019
- https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5
- https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r
- https://lists.debian.org/debian-lts-announce/2025/03/msg00029.html
- https://redmine.openinfosecfoundation.org/issues/6892
- https://redmine.openinfosecfoundation.org/issues/6900
Modified: 2024-12-19
CVE-2024-32664
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use rules with `base64_decode` keyword with `bytes` option with value 1, 2 or 5 and for 7.0.x, setting `app-layer.protocols.smtp.mime.body-md5` to false.
- https://github.com/OISF/suricata/commit/311002baf288a225f62cf18a90c5fdd294447379
- https://github.com/OISF/suricata/commit/d5ffecf11ad2c6fe89265e518f5d7443caf26ba4
- https://github.com/OISF/suricata/security/advisories/GHSA-79vh-hpwq-3jh7
- https://github.com/OISF/suricata/commit/311002baf288a225f62cf18a90c5fdd294447379
- https://github.com/OISF/suricata/commit/d5ffecf11ad2c6fe89265e518f5d7443caf26ba4
- https://github.com/OISF/suricata/security/advisories/GHSA-79vh-hpwq-3jh7
Modified: 2024-12-19
CVE-2024-32867
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.
- https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9
- https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66
- https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634
- https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b
- https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9
- https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8
- https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5
- https://redmine.openinfosecfoundation.org/issues/6672
- https://redmine.openinfosecfoundation.org/issues/6673
- https://redmine.openinfosecfoundation.org/issues/6677
- https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9
- https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66
- https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634
- https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b
- https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9
- https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8
- https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5
- https://redmine.openinfosecfoundation.org/issues/6672
- https://redmine.openinfosecfoundation.org/issues/6673
- https://redmine.openinfosecfoundation.org/issues/6677
Modified: 2025-11-03
CVE-2024-37151
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.
- https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0
- https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b
- https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24
- https://redmine.openinfosecfoundation.org/issues/7041
- https://redmine.openinfosecfoundation.org/issues/7042
- https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0
- https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b
- https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24
- https://lists.debian.org/debian-lts-announce/2025/03/msg00029.html
- https://redmine.openinfosecfoundation.org/issues/7041
- https://redmine.openinfosecfoundation.org/issues/7042
Modified: 2024-11-21
CVE-2024-38534
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue.
- https://github.com/OISF/suricata/commit/a753cdbe84caee3b66d0bf49b2712d29a50d67ae
- https://github.com/OISF/suricata/security/advisories/GHSA-59qg-h357-69fq
- https://redmine.openinfosecfoundation.org/issues/6987
- https://redmine.openinfosecfoundation.org/issues/6988
- https://github.com/OISF/suricata/commit/a753cdbe84caee3b66d0bf49b2712d29a50d67ae
- https://github.com/OISF/suricata/security/advisories/GHSA-59qg-h357-69fq
- https://redmine.openinfosecfoundation.org/issues/6987
- https://redmine.openinfosecfoundation.org/issues/6988
Modified: 2024-11-21
CVE-2024-38535
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.
- https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
- https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
- https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
- https://redmine.openinfosecfoundation.org/issues/7104
- https://redmine.openinfosecfoundation.org/issues/7105
- https://redmine.openinfosecfoundation.org/issues/7112
- https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
- https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
- https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
- https://redmine.openinfosecfoundation.org/issues/7104
- https://redmine.openinfosecfoundation.org/issues/7105
- https://redmine.openinfosecfoundation.org/issues/7112
Modified: 2024-11-21
CVE-2024-38536
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to `http.memcap` being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6.
- https://github.com/OISF/suricata/security/advisories/GHSA-j32j-4w6g-94hh
- https://redmine.openinfosecfoundation.org/issues/7029
- https://redmine.openinfosecfoundation.org/issues/7033
- https://github.com/OISF/suricata/security/advisories/GHSA-j32j-4w6g-94hh
- https://redmine.openinfosecfoundation.org/issues/7029
- https://redmine.openinfosecfoundation.org/issues/7033
Modified: 2024-10-22
CVE-2024-45795
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service. This issue is addressed in 7.0.7. As a workaround, use only trusted and well tested rulesets.
Modified: 2025-11-03
CVE-2024-45796
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This issue has been addressed in 7.0.7.
Modified: 2025-11-03
CVE-2024-45797
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49.
Modified: 2024-10-22
CVE-2024-47187
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to use excessive time to load, as well as runtime performance issues during traffic handling. This issue has been addressed in 7.0.7. As a workaround, avoid loading datasets from untrusted sources. Avoid dataset rules that track traffic in rules.
Modified: 2024-10-22
CVE-2024-47188
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash table behavior. This can lead to an attacker forcing lots of data into a single hash bucket, leading to severe performance degradation. This issue has been addressed in 7.0.7.
Modified: 2025-09-25
CVE-2024-47522
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable ja4 as a workaround.
Modified: 2025-03-31
CVE-2024-55605
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the to_lowercase, to_uppercase, strip_whitespace, compress_whitespace, dotprefix, header_lowercase, strip_pseudo_headers, url_decode, or xor transform can lead to a stack overflow causing Suricata to crash. The issue has been addressed in Suricata 7.0.8.
Modified: 2025-11-03
CVE-2024-55626
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8.
Modified: 2025-03-31
CVE-2024-55627
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.
- https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd
- https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be
- https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432
- https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v
- https://redmine.openinfosecfoundation.org/issues/7393
Modified: 2025-03-31
CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
- https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951
- https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d
- https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d
- https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j
- https://redmine.openinfosecfoundation.org/issues/7280
Modified: 2025-03-31
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible evasions. Suricata 7.0.8 includes options to allow users to configure how to handle TCP urgent data. In IPS mode, you can use a rule such as drop tcp any any -> any any (sid:1; tcp.flags:U*;) to drop all the packets with urgent flag set.
Modified: 2022-08-11
GHSA-m5pq-gvj9-9vr8
Rust's regex crate vulnerable to regular expression denial of service
- https://github.com/rust-lang/regex/security/advisories/GHSA-m5pq-gvj9-9vr8
- https://nvd.nist.gov/vuln/detail/CVE-2022-24713
- https://github.com/rust-lang/regex/commit/ae70b41d4f46641dbc45c7a4f87954aea356283e
- https://github.com/rust-lang/regex
- https://groups.google.com/g/rustlang-security-announcements/c/NcNNL1Jq7Yw
- https://lists.debian.org/debian-lts-announce/2022/04/msg00003.html
- https://lists.debian.org/debian-lts-announce/2022/04/msg00009.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JANLZ3JXWJR7FSHE57K66UIZUIJZI67T
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3YB7CURSG64CIPCDPNMGPE4UU24AB6H
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDOWTHNVGBOP2HN27PUFIGRYNSNDTYRJ
- https://rustsec.org/advisories/RUSTSEC-2022-0013.html
- https://security.gentoo.org/glsa/202208-08
- https://security.gentoo.org/glsa/202208-14
- https://www.debian.org/security/2022/dsa-5113
- https://www.debian.org/security/2022/dsa-5118
Closed vulnerabilities
Modified: 2025-11-03
CVE-2024-45797
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49.