Latest Mozilla Firefox Vulnerabilities

Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....
debian/firefox
Mozilla Firefox<123
ubuntu/firefox<123.0+
A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Fire...
Mozilla Firefox<123
Mozilla Thunderbird<115.8
Mozilla Firefox ESR<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
ubuntu/firefox<123.0+
and 3 more
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123, Firefox E...
Mozilla Firefox<123
Mozilla Thunderbird<115.8
Mozilla Firefox ESR<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
ubuntu/firefox<123.0+
and 3 more
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion...
Mozilla Firefox<123
Mozilla Thunderbird<115.8
Mozilla Firefox ESR<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
ubuntu/firefox<123.0+
and 3 more
Security Vulnerabilities fixed in Firefox 123
Mozilla Firefox<123
The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contain. Under the correct circumstances, an attacker may have b...
debian/firefox
Mozilla Firefox<123
ubuntu/firefox<123.0+
If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulner...
Mozilla Firefox ESR<115.8
Mozilla Firefox<123
Mozilla Thunderbird<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
ubuntu/firefox<123.0+
and 3 more
Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ...
Mozilla Thunderbird<115.8
Mozilla Firefox<123
Mozilla Firefox ESR<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
ubuntu/firefox<123.0+
and 3 more
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profil...
ubuntu/firefox<123.0+
debian/firefox
Mozilla Firefox<123
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, the...
Mozilla Firefox<123
Mozilla Thunderbird<115.8
Mozilla Firefox ESR<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
ubuntu/firefox<123.0+
and 3 more
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox ...
ubuntu/firefox<123.0+
Mozilla Firefox<123
Mozilla Thunderbird<115.8
Mozilla Firefox ESR<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
and 3 more
When opening a website using the `firefox://` protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox < 123.
debian/firefox
Mozilla Firefox<123
ubuntu/firefox<123.0+
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior. *Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123...
Mozilla Firefox ESR<115.8
Mozilla Firefox<123
Mozilla Thunderbird<115.8
redhat/firefox<115.8
redhat/thunderbird<115.8
ubuntu/firefox<123.0+
and 3 more
Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar.
Mozilla Firefox=123
Apple iOS
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme.
Mozilla Firefox=123
Apple iOS
Security Vulnerabilities fixed in Firefox for iOS 123
Mozilla Firefox=123
Apple iOS
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page.
Mozilla Firefox=123
Apple iOS
The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file.
N-able PassPortal<3.29.2
Google Chrome
Microsoft Edge
Mozilla Firefox
QR Code Scanner does not prompt before navigating user
Mozilla Firefox
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.
Mozilla Thunderbird<115.7
Mozilla Firefox ESR<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
Mozilla Firefox<122
Mozilla Firefox<122.0
and 8 more
Some WASM source files could have caused a crash when loaded in devtools.
ubuntu/firefox<122.0+
Mozilla Firefox<122
Mozilla Firefox<122.0
debian/firefox
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability...
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ...
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
ubuntu/firefox<122.0+
Mozilla Firefox<122
Mozilla Firefox<122.0
debian/firefox
Security Vulnerabilities fixed in Firefox 122
Mozilla Firefox<122
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
ubuntu/firefox<122.0+
Mozilla Firefox<122
Mozilla Firefox<122.0
debian/firefox
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and...
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 12...
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash.
Mozilla Firefox<122
Mozilla Firefox<122.0
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122.
ubuntu/firefox<122.0+
Mozilla Firefox<122
Mozilla Firefox<122.0
debian/firefox
debian/nss<=2:3.42.1-1+deb10u5, <=2:3.42.1-1+deb10u7, <=2:3.61-1+deb11u3, <=2:3.87.1-1
In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.
ubuntu/firefox<122.0+
Mozilla Firefox<122
Mozilla Firefox<122.0
debian/firefox
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
An out-of-bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderb...
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
A malicious devtools extension could have been used to escalate privileges.
Mozilla Thunderbird<115.7
redhat/firefox<115.7
redhat/thunderbird<115.7
ubuntu/firefox<122.0+
ubuntu/thunderbird<115.7
Mozilla Firefox ESR<115.7
and 8 more
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthoriz...
Mozilla Firefox<121
Mozilla Firefox<121.0
Google Android
The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thund...
Mozilla Firefox ESR<115.6
Mozilla Thunderbird<115.6
ubuntu/firefox<121.0+
ubuntu/thunderbird<1:115.6.0+
and 12 more
Security Vulnerabilities fixed in Firefox 121
Mozilla Firefox<121
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. *This issue only affects Android versions of Firefox and Firefox ...
Mozilla Firefox<121
Mozilla Firefox<121.0
Mozilla Firefox Focus
Google Android
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.
ubuntu/firefox<121.0+
Mozilla Firefox<121
Mozilla Firefox<121.0
debian/firefox
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ...
Mozilla Firefox ESR<115.6
Mozilla Thunderbird<115.6
ubuntu/firefox<121.0+
ubuntu/thunderbird<1:115.6.0+
and 13 more
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Mozilla Firefox ESR<115.6
Mozilla Thunderbird<115.6
ubuntu/firefox<121.0+
ubuntu/thunderbird<1:115.6.0+
and 13 more
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux,...
Mozilla Firefox ESR<115.6
Mozilla Thunderbird<115.6
Mozilla Firefox<121
redhat/firefox<115.6
redhat/thunderbird<115.6
ubuntu/firefox<121.0+
and 16 more
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....
ubuntu/firefox<121.0+
Mozilla Firefox<121
Mozilla Firefox<121.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
and 2 more
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
ubuntu/firefox<121.0+
Mozilla Firefox<121
Mozilla Firefox<121.0
debian/firefox
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability...
ubuntu/firefox<121.0+
Mozilla Firefox<121
Mozilla Firefox<121.0
debian/firefox
The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Mozilla Firefox ESR<115.6
Mozilla Thunderbird<115.6
ubuntu/firefox<121.0+
ubuntu/thunderbird<1:115.6.0+
and 13 more
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and...
Mozilla Thunderbird<115.6
Mozilla Firefox ESR<115.6
redhat/firefox<115.6
redhat/thunderbird<115.6
ubuntu/firefox<121.0+
ubuntu/thunderbird<1:115.6.0+
and 13 more
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by ...
redhat/firefox<115.6
redhat/thunderbird<115.6
Mozilla Firefox ESR<115.6
ubuntu/firefox<121.0+
Mozilla Firefox<121
Mozilla Firefox<121.0
and 6 more
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. T...
redhat/firefox<115.6
redhat/thunderbird<115.6
Mozilla Firefox ESR<115.6
ubuntu/firefox<121.0+
Mozilla Firefox<121
Mozilla Firefox<121.0
and 6 more
