ALT-PU-2024-15840-7
Package firefox-esr updated to version 128.4.0-alt0.p10.1 for branch p10 in task 362434.
Closed vulnerabilities
BDU:2023-05100
Уязвимость браузера Mozilla Firefox, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить спуфинговую атаку
BDU:2023-07274
Уязвимость полноэкранного режима браузера Firefox, позволяющая нарушителю проводить спуфинг-атаки
BDU:2023-07275
Уязвимость браузера Firefox, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
BDU:2023-07276
Уязвимость браузера Firefox, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2023-07277
Уязвимость браузера Firefox, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код
BDU:2023-08142
Уязвимость режима HTTPS-only Mode браузера Firefox, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
BDU:2023-08320
Уязвимость браузера Mozilla Firefox, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
BDU:2023-08321
Уязвимость браузера Mozilla Firefox, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю проводить фишинг-атаки
BDU:2023-08959
Уязвимость изолированной среды iframe браузера Mozilla Firefox, позволяющая нарушителю обойти существующие ограничения безопасности
BDU:2023-09056
Уязвимость службы сетевой безопасности NSS браузера Mozilla Firefox, позволяющая нарушителю получить доступ к конфиденциальной информации
BDU:2023-09057
Уязвимость браузера Mozilla Firefox, связанная с недостатками в обработке исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-09127
Уязвимость браузера Mozilla Firefox и Firefox Focus, связанная с отсутствием предупреждения при переходе к новому обработчику, позволяющая нарушителю оказать воздействие на целостность данных
BDU:2024-00031
Уязвимость браузера Mozilla, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код
BDU:2024-00059
Уязвимость заголовок вкладок браузера Mozilla Firefox, позволяющая нарушителю раскрыть защищаемую информацию
BDU:2024-00726
Уязвимость браузера Mozilla Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код
BDU:2024-00729
Уязвимость реализации технологии WASM браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-00806
Уязвимость браузера Mozilla Firefox, связанная с недостатками разграничения доступа, позволяющая нарушителю установить произвольный URI в адресной строке или истории браузера
BDU:2024-00809
Уязвимость компонента WebAudio браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2024-00811
Уязвимость браузера Mozilla Firefox, связанная с разыменованием недоверенного указателя, позволяющая нарушителю выполнить произвольный код
BDU:2024-03312
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-03313
Уязвимость веб-браузера Firefox, связанная с неправильным освобождением памяти перед удалением последней ссылки, позволяющая нарушителю получить доступ к конфиденциальным данным
BDU:2024-03314
Уязвимость веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-03315
Уязвимость компонента Alternate Services веб-браузера Firefox, связанная с целочисленным переполнением, позволяющая нарушителю оказать воздействие на целостность данных
BDU:2024-03316
Уязвимость веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-05142
Уязвимость функции «Save As» («Сохранить как») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird операционных систем Windows, позволяющая нарушителю оказать влияние на конфиденциальность и целостность защищаемой информации
BDU:2024-05143
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием скрытых побочных каналов, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2024-05144
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками в настройках безопасности, позволяющая нарушителю обойти ограничения безопасности и провести атаку типа clickjacking («захват клика»)
BDU:2024-05145
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2024-05167
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-05168
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2024-05169
Уязвимость интерфейса OffscreenCanvas браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
BDU:2024-05170
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
BDU:2024-06289
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с позволяющая нарушителю выполнить выход из изолированной программной среды
BDU:2024-06291
Уязвимость полноэкранного режима уведомлений браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю проводить спуфинг атаки
BDU:2024-06292
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
BDU:2024-06463
Уязвимость компонента IndexedDB браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
BDU:2024-06464
Уязвимость компонента Garbage Collector («Сборщик мусора») браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
BDU:2024-06469
Уязвимость компоненте шифрования NSS браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю получить доступ к защищаемой информации
BDU:2024-06481
Уязвимость библиотеки ANGLE браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю раскрыть защищаемую информацию
BDU:2024-06482
Уязвимость функции Date Picker («Выбор даты») браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю предоставить произвольные разрешения и получить несанкционированный доступ к данным или функциям
BDU:2024-06568
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с чтением за границами памяти, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
BDU:2024-06569
Уязвимость компонента Content Security Policy браузеров Firefox, Firefox ESR, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
BDU:2024-06570
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности и оказать влияние на конфиденциальность и целостность защищаемой информации
BDU:2024-06572
Уязвимость компонента WebAssembly браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, позволяющая нарушителю выполнить произвольный код
BDU:2024-06673
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с копированием буфера без проверки размера входных данных, позволяющая нарушителю выполнить произвольный код
BDU:2024-06674
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
BDU:2024-06675
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным ограничением операций в пределах буфера памяти, позволяющая нарушителю оказать влияние на работу системы
BDU:2024-06676
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю повысить свои привилегии
BDU:2024-06677
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с чтением за пределами границ памяти, позволяющая нарушителю оказать влияние на работу системы
BDU:2024-06697
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
BDU:2024-06698
Уязвимость внутренних интерфейсов событий браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю повысить свои привилегии
BDU:2024-06699
Уязвимость браузеров Firefox ESR и Firefox и почтового клиента Thunderbird, существующая из-за ошибки типов при поиске имени свойства в блоке «with», позволяющая нарушителю выполнить произвольный код
BDU:2024-06700
Уязвимость браузера Firefox, Firefox ESR, связанная с отсутствием диалогового окна подтверждения при открытии связанных с Usenet схем "news:" и "snews:", позволяющая нарушителю загрузить произвольное приложение и выполнить произвольный код
BDU:2024-06701
Уязвимость браузера Mozilla Firefox, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю проводить спуфинг атаки
BDU:2024-06703
Уязвимость компонента Garbage Collector («Сборщик мусора») браузера Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код
BDU:2024-06731
Уязвимость браузера Firefox, Firefox ESR, связанная с путаницей типов при обработкеStructFields и ArrayTypes в WASM, позволяющая нарушителю выполнить произвольный код
BDU:2024-06880
Уязвимость веб-браузера Firefox, связанная с некорректным ограничением визуализируемых слоев пользовательского интерфейса, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
BDU:2024-06881
Уязвимость веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
BDU:2024-07929
Уязвимость обработчика управления и синхронизации анимации на веб-страницах браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю выполнить произвольный код
BDU:2024-08951
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю оказать влияние на конфиденциальность защищаемой информации
BDU:2024-08952
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
BDU:2024-09020
Уязвимость компонента Form Validation Popup Handler веб-браузера Firefox, связанная с раскрытием информации, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-09021
Уязвимость веб-браузера Firefox, связанная с небезопасным внешним контролем за критическими данными состояния, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-09024
Уязвимость веб-браузера Firefox, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2024-09025
Уязвимость движка JavaScript веб-браузера Firefox, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным
BDU:2024-09026
Уязвимость страницы создания скриншотов веб-браузера Firefox, связанная с некорректным ограничением визуализируемых слоев пользовательского интерфейса, позволяющая нарушителю оказать воздействие на целостность данных
BDU:2024-09264
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с некорректным ограничением визуализированных слоев пользовательского интерфейса, позволяющая нарушителю провести атаку типа clickjacking («захват клика»)
BDU:2024-09265
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2024-09266
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2024-09267
Уязвимость реализации прикладного программного интерфейса браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-09268
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности и поучить несанкционированный доступ к защищаемой информации
BDU:2024-09269
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности
BDU:2024-09290
Уязвимость механизма CORS браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю обойти ограничения безопасности, поучить несанкционированный доступ к защищаемой информации и выполнить произвольный код
BDU:2024-09291
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольный код
BDU:2024-09294
Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2024-09311
Уязвимость функции Window.open() браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2024-09442
Уязвимость веб-браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, связанная с недостатками разграничения доступа, позволяющая нарушителю оказать воздействие на целостность данных
BDU:2024-09869
Уязвимость набора библиотек разработки приложений NSS веб-браузера Firefox и почтового клиента Thunderbird, связанная с выделением неограниченной памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2023-4058
Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116.
Modified: 2024-11-21
CVE-2023-4579
Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox < 117.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1842766
- https://bugzilla.mozilla.org/show_bug.cgi?id=1842766
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-34/
- https://www.mozilla.org/security/advisories/mfsa2023-34/
Modified: 2024-11-21
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846686
- https://bugzilla.mozilla.org/show_bug.cgi?id=1846686
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2024-11-21
CVE-2023-5172
A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1852218
- https://bugzilla.mozilla.org/show_bug.cgi?id=1852218
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2024-11-21
CVE-2023-5173
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823172
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823172
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2024-11-21
CVE-2023-5175
During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849704
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849704
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-41/
- https://www.mozilla.org/security/advisories/mfsa2023-41/
Modified: 2024-11-21
CVE-2023-5722
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://bugzilla.mozilla.org/show_bug.cgi?id=1738426
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5723
An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1802057
- https://bugzilla.mozilla.org/show_bug.cgi?id=1802057
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5729
A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823720
- https://bugzilla.mozilla.org/show_bug.cgi?id=1823720
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-45/
- https://www.mozilla.org/security/advisories/mfsa2023-45/
Modified: 2024-11-21
CVE-2023-5731
Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.
Modified: 2024-11-21
CVE-2023-6135
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1853908
- https://bugzilla.mozilla.org/show_bug.cgi?id=1853908
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6210
When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1801501
- https://bugzilla.mozilla.org/show_bug.cgi?id=1801501
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6211
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1850200
- https://bugzilla.mozilla.org/show_bug.cgi?id=1850200
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-49/
- https://www.mozilla.org/security/advisories/mfsa2023-49/
Modified: 2024-11-21
CVE-2023-6213
Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120.
Modified: 2024-11-21
CVE-2023-6866
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849037
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849037
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6869
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1799036
- https://bugzilla.mozilla.org/show_bug.cgi?id=1799036
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6871
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1828334
- https://bugzilla.mozilla.org/show_bug.cgi?id=1828334
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6872
Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849186
- https://bugzilla.mozilla.org/show_bug.cgi?id=1849186
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2023-6873
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
- Memory safety bugs fixed in Firefox 121
- Memory safety bugs fixed in Firefox 121
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html
- https://security.gentoo.org/glsa/202401-10
- https://security.gentoo.org/glsa/202401-10
- https://www.debian.org/security/2023/dsa-5582
- https://www.debian.org/security/2023/dsa-5582
- https://www.mozilla.org/security/advisories/mfsa2023-56/
- https://www.mozilla.org/security/advisories/mfsa2023-56/
Modified: 2024-11-21
CVE-2024-0744
In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2024-11-21
CVE-2024-0745
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2024-11-21
CVE-2024-0748
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
Modified: 2024-11-21
CVE-2024-0752
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.
Modified: 2024-11-21
CVE-2024-0754
Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.
Modified: 2024-10-31
CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1921733
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
Modified: 2024-10-31
CVE-2024-10459
An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1919087
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
Modified: 2024-10-31
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Modified: 2024-11-04
CVE-2024-10461
In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Modified: 2024-11-04
CVE-2024-10462
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Modified: 2024-11-04
CVE-2024-10463
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1920800
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-57/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
Modified: 2024-11-04
CVE-2024-10464
Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Modified: 2024-11-04
CVE-2024-10465
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Modified: 2025-03-22
CVE-2024-10466
By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Modified: 2024-11-04
CVE-2024-10467
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
- Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4
- https://www.mozilla.org/security/advisories/mfsa2024-55/
- https://www.mozilla.org/security/advisories/mfsa2024-56/
- https://www.mozilla.org/security/advisories/mfsa2024-58/
- https://www.mozilla.org/security/advisories/mfsa2024-59/
Modified: 2024-11-21
CVE-2024-5688
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2024-11-21
CVE-2024-5689
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox < 127.
Modified: 2025-03-26
CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883693
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-20
CVE-2024-5691
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888695
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5692
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-27
CVE-2024-5693
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://bugzilla.mozilla.org/show_bug.cgi?id=1891319
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-14
CVE-2024-5694
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.
Modified: 2024-11-21
CVE-2024-5695
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox < 127.
Modified: 2025-03-27
CVE-2024-5696
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://bugzilla.mozilla.org/show_bug.cgi?id=1896555
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2025-03-13
CVE-2024-5697
A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.
Modified: 2025-03-14
CVE-2024-5698
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.
Modified: 2024-11-21
CVE-2024-5700
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
- Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
- Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-25/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2024-11-21
CVE-2024-5702
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://bugzilla.mozilla.org/show_bug.cgi?id=1193389
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-18/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-26/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
- https://www.mozilla.org/security/advisories/mfsa2024-28/
Modified: 2024-11-21
CVE-2024-6600
Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2024-12-06
CVE-2024-6601
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://bugzilla.mozilla.org/show_bug.cgi?id=1890748
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-14
CVE-2024-6602
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895032
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2024-11-21
CVE-2024-6603
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://bugzilla.mozilla.org/show_bug.cgi?id=1895081
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2024-11-21
CVE-2024-6604
Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
- Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, Thunderbird 128, and Thunderbird 115.13
- Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, Thunderbird 128, and Thunderbird 115.13
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-30/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-31/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-25
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1743329
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
Modified: 2025-03-13
CVE-2024-6609
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2025-03-19
CVE-2024-6610
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://bugzilla.mozilla.org/show_bug.cgi?id=1883396
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-29/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
- https://www.mozilla.org/security/advisories/mfsa2024-32/
Modified: 2024-10-29
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7519
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1902307
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-24
CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7521
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1904644
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7522
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906727
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-25
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Modified: 2024-08-12
CVE-2024-7525
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909298
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-09-17
CVE-2024-7526
ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1910306
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-18
CVE-2024-7527
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871303
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2024-08-12
CVE-2024-7528
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
Modified: 2024-08-12
CVE-2024-7529
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1903187
- https://www.mozilla.org/security/advisories/mfsa2024-33/
- https://www.mozilla.org/security/advisories/mfsa2024-34/
- https://www.mozilla.org/security/advisories/mfsa2024-35/
- https://www.mozilla.org/security/advisories/mfsa2024-37/
- https://www.mozilla.org/security/advisories/mfsa2024-38/
Modified: 2025-03-19
CVE-2024-7531
Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Modified: 2024-09-06
CVE-2024-8381
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1912715
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
Modified: 2024-10-30
CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1906744
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
Modified: 2024-10-30
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
Modified: 2024-09-06
CVE-2024-8384
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1911288
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-41/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
- https://www.mozilla.org/security/advisories/mfsa2024-44/
Modified: 2024-09-06
CVE-2024-8385
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2024-10-30
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1907032
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909163
- https://bugzilla.mozilla.org/show_bug.cgi?id=1909529
- https://www.mozilla.org/security/advisories/mfsa2024-39/
- https://www.mozilla.org/security/advisories/mfsa2024-40/
- https://www.mozilla.org/security/advisories/mfsa2024-43/
Modified: 2024-09-06
CVE-2024-8387
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Modified: 2025-03-19
CVE-2024-8900
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
Modified: 2024-10-04
CVE-2024-9392
A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1899154
- https://bugzilla.mozilla.org/show_bug.cgi?id=1905843
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2025-03-14
CVE-2024-9393
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918301
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2025-03-14
CVE-2024-9394
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1918874
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2024-10-04
CVE-2024-9396
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9397
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-18
CVE-2024-9398
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2025-03-14
CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2024-10-04
CVE-2024-9400
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Modified: 2024-10-04
CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
- Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-48/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2024-10-04
CVE-2024-9402
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
- Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3
- https://www.mozilla.org/security/advisories/mfsa2024-46/
- https://www.mozilla.org/security/advisories/mfsa2024-47/
- https://www.mozilla.org/security/advisories/mfsa2024-49/
- https://www.mozilla.org/security/advisories/mfsa2024-50/
Modified: 2024-11-26
CVE-2024-9680
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281992
- https://bugzilla.mozilla.org/show_bug.cgi?id=1923344
- https://lists.debian.org/debian-lts-announce/2024/10/msg00005.html
- Windows sandbox escape detected with the in-the-wild exploit
- https://www.mozilla.org/security/advisories/mfsa2024-51/
- https://www.mozilla.org/security/advisories/mfsa2024-52/
Closed bugs
Не работает плагин КриптоПро ЭЦП Browser plug-in
Отсутствует иконка firefox на панели управления