Mozilla

Firefox

2939 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-23954

  • EPSS 0.39%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:05

Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firef...

6.1

CVE-2021-23955

  • EPSS 0.24%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:05

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox < 85.

6.5

CVE-2021-23956

Exploit
  • EPSS 0.28%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:06

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85.

7.4

CVE-2021-23957

  • EPSS 0.29%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:06

Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85.

6.5

CVE-2021-23958

  • EPSS 0.33%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:06

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.

6.1

CVE-2021-23959

  • EPSS 0.3%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:06

An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Fir...

8.8

CVE-2021-23960

  • EPSS 0.53%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:06

Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.

7.4

CVE-2021-23961

  • EPSS 0.79%
  • Veröffentlicht 26.02.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:06

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85.

6.5

CVE-2021-23970

  • EPSS 0.48%
  • Veröffentlicht 26.02.2021 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:07

Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox < 86.

6.5

CVE-2021-23971

  • EPSS 0.48%
  • Veröffentlicht 26.02.2021 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:07

When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination ...