Vulnerabilities > Mozilla > Firefox > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-29544 | Resource Exhaustion vulnerability in Mozilla Firefox and Focus If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. | 6.5 |
| 2023-06-02 | CVE-2023-29547 | Unspecified vulnerability in Mozilla Firefox ESR and Focus When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. | 6.5 |
| 2023-06-02 | CVE-2023-29548 | Unspecified vulnerability in Mozilla products A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. | 6.5 |
| 2023-06-02 | CVE-2023-29549 | Inadequate Encryption Strength vulnerability in Mozilla Firefox and Focus Under certain circumstances, a call to the <code>bind</code> function may have resulted in the incorrect realm. | 6.5 |
| 2023-06-02 | CVE-2023-32205 | Unspecified vulnerability in Mozilla Firefox In multiple cases browser prompts could have been obscured by popups controlled by content. | 4.3 |
| 2023-06-02 | CVE-2023-32206 | Out-of-bounds Read vulnerability in Mozilla Firefox An out-of-bound read could have led to a crash in the RLBox Expat driver. | 6.5 |
| 2023-06-02 | CVE-2023-32211 | Unspecified vulnerability in Mozilla Firefox A type checking bug would have led to invalid code being compiled. | 6.5 |
| 2023-06-02 | CVE-2023-32212 | Unspecified vulnerability in Mozilla Firefox An attacker could have positioned a <code>datalist</code> element to obscure the address bar. | 4.3 |
| 2023-02-16 | CVE-2019-17003 | Cross-site Scripting vulnerability in Mozilla Firefox Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed. | 6.1 |
| 2023-02-16 | CVE-2020-12413 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. | 5.9 |