Vulnerabilities > Mozilla > Firefox > 21.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-01 | CVE-2023-4053 | Link Following vulnerability in Mozilla Firefox A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. | 6.5 |
| 2023-07-12 | CVE-2023-37455 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. | 5.4 |
| 2023-07-12 | CVE-2023-37456 | Unspecified vulnerability in Mozilla Firefox The session restore helper crashed whenever there was no parameter sent to the message handler. | 6.5 |
| 2023-07-12 | CVE-2023-3600 | Use After Free vulnerability in Mozilla Firefox During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. | 8.8 |
| 2023-07-05 | CVE-2023-37203 | Unspecified vulnerability in Mozilla Firefox Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. | 7.8 |
| 2023-07-05 | CVE-2023-37204 | Unspecified vulnerability in Mozilla Firefox A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function. | 6.5 |
| 2023-07-05 | CVE-2023-37205 | Unspecified vulnerability in Mozilla Firefox The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. | 6.5 |
| 2023-07-05 | CVE-2023-37206 | Link Following vulnerability in Mozilla Firefox Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. | 6.5 |
| 2023-07-05 | CVE-2023-37209 | Use After Free vulnerability in Mozilla Firefox A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. | 8.8 |
| 2023-07-05 | CVE-2023-37210 | Unspecified vulnerability in Mozilla Firefox A website could prevent a user from exiting full-screen mode via alert and prompt calls. | 6.5 |