Vulnerabilities > Mozilla > Firefox > 21.0

DATE CVE VULNERABILITY TITLE RISK
2023-08-01 CVE-2023-4057 Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0.
network
low complexity
mozilla CWE-787
critical
9.8
2023-08-01 CVE-2023-4058 Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 115.
network
low complexity
mozilla CWE-787
critical
9.8
2023-08-01 CVE-2023-4045 Origin Validation Error vulnerability in multiple products
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy.
network
low complexity
mozilla debian CWE-346
5.3
2023-08-01 CVE-2023-4046 In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis.
network
low complexity
mozilla debian
5.3
2023-08-01 CVE-2023-4047 A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions.
network
low complexity
mozilla debian
8.8
2023-08-01 CVE-2023-4048 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations.
network
low complexity
mozilla debian CWE-125
7.5
2023-08-01 CVE-2023-4049 Race Condition vulnerability in multiple products
Race conditions in reference counting code were found through code inspection.
network
high complexity
mozilla debian CWE-362
5.9
2023-08-01 CVE-2023-4050 Out-of-bounds Write vulnerability in multiple products
In some cases, an untrusted input stream was copied to a stack buffer without checking its size.
network
low complexity
mozilla debian CWE-787
7.5
2023-08-01 CVE-2023-4051 Unspecified vulnerability in Mozilla Firefox
A website could have obscured the full screen notification by using the file open dialog.
network
low complexity
mozilla
7.5
2023-08-01 CVE-2023-4052 Link Following vulnerability in Mozilla Firefox
The Firefox updater created a directory writable by non-privileged users.
network
low complexity
mozilla CWE-59
6.5