Vulnerabilities > Mozilla > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-02 | CVE-2023-28163 | Unspecified vulnerability in Mozilla Firefox When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. | 6.5 |
2023-06-02 | CVE-2023-28164 | Unspecified vulnerability in Mozilla Firefox Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. | 6.5 |
2023-06-02 | CVE-2023-29533 | Unspecified vulnerability in Mozilla products A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</code> assignments, and <code>setInterval</code> calls. | 4.3 |
2023-06-02 | CVE-2023-29535 | Unspecified vulnerability in Mozilla products Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. | 6.5 |
2023-06-02 | CVE-2023-29538 | Exposure of Resource to Wrong Sphere vulnerability in Mozilla Firefox and Focus Under specific circumstances a WebExtension may have received a <code>jar:file:///</code> URI instead of a <code>moz-extension:///</code> URI during a load request. | 4.3 |
2023-06-02 | CVE-2023-29540 | Open Redirect vulnerability in Mozilla Firefox and Focus Using a redirect embedded into <code>sourceMappingUrls</code> could allow for navigation to external protocol links in sandboxed iframes without <code>allow-top-navigation-to-custom-protocols</code>. | 6.1 |
2023-06-02 | CVE-2023-29544 | Resource Exhaustion vulnerability in Mozilla Firefox and Focus If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. | 6.5 |
2023-06-02 | CVE-2023-29547 | Unspecified vulnerability in Mozilla Firefox ESR and Focus When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. | 6.5 |
2023-06-02 | CVE-2023-29548 | Unspecified vulnerability in Mozilla products A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. | 6.5 |
2023-06-02 | CVE-2023-29549 | Inadequate Encryption Strength vulnerability in Mozilla Firefox and Focus Under certain circumstances, a call to the <code>bind</code> function may have resulted in the incorrect realm. | 6.5 |