Firefox
Source repositories
CVEs (3,179)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-3855 | Med | 0.42 | 6.5 | 0.00 | Apr 16, 2024 | In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125. | ||
| CVE-2023-5388 | Med | 0.42 | 6.5 | 0.01 | Mar 19, 2024 | NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | ||
| CVE-2024-1556 | Med | 0.42 | 6.5 | 0.00 | Feb 20, 2024 | The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123. | ||
| CVE-2024-1547 | Med | 0.42 | 6.5 | 0.01 | Feb 20, 2024 | Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. | ||
| CVE-2024-0754 | Med | 0.42 | 6.5 | 0.00 | Jan 23, 2024 | Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122. | ||
| CVE-2024-0753 | Med | 0.42 | 6.5 | 0.01 | Jan 23, 2024 | In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | ||
| CVE-2024-0752 | Med | 0.42 | 6.5 | 0.00 | Jan 23, 2024 | A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122. | ||
| CVE-2024-0747 | Med | 0.42 | 6.5 | 0.01 | Jan 23, 2024 | When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | ||
| CVE-2024-0746 | Med | 0.42 | 6.5 | 0.01 | Jan 23, 2024 | A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | ||
| CVE-2024-0741 | Med | 0.42 | 6.5 | 0.02 | Jan 23, 2024 | An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | ||
| CVE-2023-6872 | Med | 0.42 | 6.5 | 0.01 | Dec 19, 2023 | Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121. | ||
| CVE-2023-6869 | Med | 0.42 | 6.5 | 0.01 | Dec 19, 2023 | A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121. | ||
| CVE-2023-6865 | Med | 0.42 | 6.5 | 0.01 | Dec 19, 2023 | `EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121. | ||
| CVE-2023-6860 | Med | 0.42 | 6.5 | 0.01 | Dec 19, 2023 | The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. | ||
| CVE-2023-6211 | Med | 0.42 | 6.5 | 0.00 | Nov 21, 2023 | If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability… | ||
| CVE-2023-6210 | Med | 0.42 | 6.5 | 0.01 | Nov 21, 2023 | When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120. | ||
| CVE-2023-6209 | Med | 0.42 | 6.5 | 0.01 | Nov 21, 2023 | Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0,… | ||
| CVE-2023-6205 | Med | 0.42 | 6.5 | 0.01 | Nov 21, 2023 | It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. | ||
| CVE-2023-6204 | Med | 0.42 | 6.5 | 0.01 | Nov 21, 2023 | On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. | ||
| CVE-2023-5732 | Med | 0.42 | 6.5 | 0.01 | Oct 25, 2023 | An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1. |
- risk 0.42cvss 6.5epss 0.00
In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125.
- risk 0.42cvss 6.5epss 0.01
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
- risk 0.42cvss 6.5epss 0.00
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.
- risk 0.42cvss 6.5epss 0.01
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
- risk 0.42cvss 6.5epss 0.00
Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.
- risk 0.42cvss 6.5epss 0.01
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- risk 0.42cvss 6.5epss 0.00
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.
- risk 0.42cvss 6.5epss 0.01
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- risk 0.42cvss 6.5epss 0.01
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- risk 0.42cvss 6.5epss 0.02
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
- risk 0.42cvss 6.5epss 0.01
Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.
- risk 0.42cvss 6.5epss 0.01
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.
- risk 0.42cvss 6.5epss 0.01
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
- risk 0.42cvss 6.5epss 0.01
The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
- risk 0.42cvss 6.5epss 0.00
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability…
- risk 0.42cvss 6.5epss 0.01
When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
- risk 0.42cvss 6.5epss 0.01
Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0,…
- risk 0.42cvss 6.5epss 0.01
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- risk 0.42cvss 6.5epss 0.01
On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
- risk 0.42cvss 6.5epss 0.01
An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Page 63 of 159