Vulnerabilities > Mozilla > Firefox ESR
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-29536 | Use After Free vulnerability in Mozilla products An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. | 8.8 |
| 2023-06-02 | CVE-2023-29539 | NULL Pointer Dereference vulnerability in Mozilla products When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. | 8.8 |
| 2023-06-02 | CVE-2023-29541 | Improper Encoding or Escaping of Output vulnerability in Mozilla products Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. | 8.8 |
| 2023-06-02 | CVE-2023-29547 | Unspecified vulnerability in Mozilla Firefox ESR and Focus When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. | 6.5 |
| 2023-06-02 | CVE-2023-29548 | Unspecified vulnerability in Mozilla products A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. | 6.5 |
| 2023-06-02 | CVE-2023-29550 | Unspecified vulnerability in Mozilla products Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. | 8.8 |
| 2023-06-02 | CVE-2023-32205 | Unspecified vulnerability in Mozilla Firefox In multiple cases browser prompts could have been obscured by popups controlled by content. | 4.3 |
| 2023-06-02 | CVE-2023-32206 | Out-of-bounds Read vulnerability in Mozilla Firefox An out-of-bound read could have led to a crash in the RLBox Expat driver. | 6.5 |
| 2023-06-02 | CVE-2023-32207 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. | 8.8 |
| 2023-06-02 | CVE-2023-32211 | Unspecified vulnerability in Mozilla Firefox A type checking bug would have led to invalid code being compiled. | 6.5 |