Mozilla Firefox 漏洞

时间轴

去年

版本

1.0166
1.0.1126
1.0.2121
0.9.2106
0.9105

修正

Official Fix2127
Temporary Fix0
Workaround6
Unavailable13
Not Defined125

易受攻击性

High36
Functional4
Proof-of-Concept610
Unproven301
Not Defined1320

访问向量

Not Defined0
Physical2
Local82
Adjacent19
Network2168

身份验证

Not Defined0
High0
Low100
None2171

用户交互

Not Defined0
Required1280
None991

C3BM Index

去年

CVSSv3 Base

≤10
≤20
≤34
≤461
≤5254
≤6448
≤7462
≤8473
≤9188
≤10381

CVSSv3 Temp

≤10
≤20
≤326
≤4107
≤5370
≤6532
≤7414
≤8355
≤9323
≤10144

VulDB

≤10
≤20
≤39
≤473
≤5367
≤6329
≤7686
≤8227
≤9184
≤10396

NVD

≤10
≤20
≤31
≤44
≤556
≤694
≤7138
≤8120
≤9190
≤10194

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

供应商

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k0
<2k0
<5k8
<10k26
<25k765
<50k918
<100k549
≥100k5

本日攻击

<1k986
<2k140
<5k539
<10k510
<25k60
<50k36
<100k0
≥100k0

攻击市场容量

去年

🔴 CTI 活动

Affected Versions (421): 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.7.1, 0.7.2, 0.7.3, 0.8, 0.9, 0.9.1, 0.9.2, 0.9.2.1, 0.9.3, 0.9.4, 0.9.4.1, 0.9.5, 0.9.6, 0.9.7, 0.9.8, 0.9.9, 0.9.35, 0.9.48, 0.10, 0.10.1, 1, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.1, 1.2, 1.2.1, 1.3, 1.3.1, 1.4, 1.4.1, 1.4.2, 1.4.4, 1.5, 1.5 Beta 2, 1.5.0.1, 1.5.0.2, 1.5.0.3, 1.5.0.4, 1.5.0.5, 1.5.0.6, 1.5.0.7, 1.5.0.8, 1.5.0.9, 1.5.0.11, 1.5.0.12, 1.5.1, 1.5.2, 1.5.3, 1.5.4, 1.5.5, 1.5.6, 1.5.7, 1.5.8, 1.6, 1.7, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 1.7.7, 1.7.8, 1.8, 2, 2.0, 2.0 8, 2.0.0.1, 2.0.0.2, 2.0.0.3, 2.0.0.4, 2.0.0.5, 2.0.0.6, 2.0.0.7, 2.0.0.8, 2.0.0.9, 2.0.0.11, 2.0.0.12, 2.0.0.13, 2.0.0.14, 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.1, 2.2, 2.3, 2.4, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.11, 3.0.12, 3.0.13, 3.0.14, 3.0.15, 3.0.16, 3.0.17, 3.0.18, 3.0.19, 3.0beta5, 3.1, 3.2, 3.3, 3.4, 3.5, 3.5.1, 3.5.2, 3.5.3, 3.5.4, 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.5.9, 3.5.11, 3.5.12, 3.5.13, 3.5.14, 3.5.15, 3.5.16, 3.5.17, 3.5.18, 3.5.19, 3.6, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.6.8, 3.6.9, 3.6.11, 3.6.12, 3.6.13, 3.6.14, 3.6.15, 3.6.16, 3.6.17, 3.6.18, 3.6.19, 3.6.21, 3.6.22, 3.6.23, 3.6.24, 3.6.25, 3.6.26, 3.6.27, 3.6.28, 3.7, 3.11, 3.11.1, 3.11.2, 3.11.3, 3.11.4, 4, 4.0, 4.0.1, 4.5, 4.5.1, 4.5.2, 5.0, 5.0.1, 6, 6.0, 6.0.1, 6.0.2, 7.0, 7.0.1, 8.0, 8.0 for Mac, 8.0.1, 8.1, 8.2, 9.0, 9.0.1, 9.1, 10.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, 10.0.5, 10.0.7, 10.1, 10.2, 11.0, 12.0, 13.0, 14, 14.0.1, 14.0b6, 15, 15.0a1, 16, 16.0.1, 16.0.2, 17, 17.0, 17.0.1, 17.0.2, 17.0.3, 17.0.4, 17.0.5, 17.0.6, 18, 18.0, 18.0.1, 18.0.2, 19, 19.0, 19.0.1, 19.0.2, 20.0, 20.0.1, 20.0a1, 21.0, 22.0, 23.0, 23.0.1, 24.0, 24.0.1, 24.0.2, 24.1, 24.1.1, 24.2, 24.3, 24.4, 24.5, 24.7, 25.0, 25.0.1, 26, 26.0, 27, 27.0, 28, 28.0, 28.0.1, 29.0.1, 30.0, 31.0, 31.1, 31.1.1, 31.2, 31.3, 32.0, 33.0, 34.0.5, 35, 36, 36.0.1, 36.0.2, 36.0.3, 37, 37.0, 37.0.1, 38.0, 39, 39.0.1, 39.0.2, 40, 40.0.1, 40.0.2, 41, 41.0.1, 42, 43, 44, 44.0, 44.0.1, 45, 45.0, 45.1, 45.2, 45.3, 45.4, 45.5, 46, 47, 48, 49, 49.0, 49.0.1, 50, 50.0.2, 51, 51.0, 51.0.1, 51.0.2, 52, 52.0, 52.1, 52.2, 52.3, 52.4, 52.5, 52.6, 52.7, 53, 53.0, 53.0.1, 53.0.2, 53.0.3, 54, 55, 56, 57, 57.0, 58.0, 59, 59.0, 59.0.1, 59.0.2, 59.0.3, 60, 60.0.1, 61.0, 62, 62.0, 62.0.1, 62.0.2, 63.0, 64, 65, 65.0, 66.0, 67, 67.0, 67.0.1, 67.0.2, 67.0.3, 68, 68.0, 68.0.1, 68.1, 68.2, 68.3, 68.4, 68.5, 68.6, 68.7, 68.8, 68.9, 68.10, 68.11, 69.0, 70, 70.0, 71, 71.0, 72, 73.0, 74, 74.0, 75.0, 76.0, 77.0, 78.0, 78.1, 78.2, 78.3, 78.4, 78.5, 78.6, 78.7, 78.8, 78.9, 78.10, 79.0, 80.0, 81.0, 82.0, 83.0, 84.0, 85.0, 86.0, 87.0, 88.0, 89.0, 90.0, 91.0, 92.0, 93.0, 94.0, ESR 68.6

Link to Product Website: https://www.mozilla.org/

软件类型: Web Browser

已发布BaseTemp漏洞0day今天修正CTICVE
2022-03-076.36.0Mozilla Firefox/Firefox ESR/Thunderbird WebGPU IPC Framework 内存损坏$25k-$100k$5k-$25kHighOfficial Fix0.29CVE-2022-26486
2022-03-076.36.0Mozilla Firefox/Firefox ESR/Thunderbird XSLT Parameter 内存损坏$25k-$100k$5k-$25kHighOfficial Fix0.19CVE-2022-26485
2021-12-095.04.8Mozilla Firefox/Firefox ESR/Thunderbird Cursor 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-43546
2021-12-094.34.1Mozilla Firefox/Firefox ESR/Thunderbird Location API 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.14CVE-2021-43545
2021-12-094.34.1Mozilla Firefox Address Bar 跨网站脚本$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-43544
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird CSP 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.05CVE-2021-43543
2021-12-094.34.1Mozilla Firefox/Firefox ESR/Thunderbird XMLHttpRequest 信息公开$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-43542
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird Protocol 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-43541
2021-12-096.36.0Mozilla Firefox WebExtensions 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-43540
2021-12-094.34.1Mozilla Firefox/Firefox ESR/Thunderbird Live Pointer 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.05CVE-2021-43539
2021-12-094.34.1Mozilla Firefox/Firefox ESR/Thunderbird 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.05CVE-2021-43537
2021-12-094.34.1Mozilla Firefox/Firefox ESR/Thunderbird 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-43536
2021-12-094.34.1Mozilla Firefox/Firefox ESR/Thunderbird Session Object 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-43535
2021-12-095.45.2Mozilla Firefox Internationalized Domain Name 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.06CVE-2021-43533
2021-12-093.13.0Mozilla Firefox 信息公开$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-43532
2021-12-094.34.1Mozilla Firefox Web Extension Context Menu 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.05CVE-2021-43531
2021-12-094.34.1Mozilla Firefox QR Code 跨网站脚本$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-43530
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird Javascript Alert 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38509
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird Form Validity Message 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38508
2021-12-093.13.0Mozilla Firefox/Firefox ESR/Thunderbird HTTP2 Opportunistic Encryption 弱加密$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-38507
2021-12-095.35.2Mozilla Firefox/Firefox ESR/Thunderbird Notification 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.06CVE-2021-38506
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird HTML Input Element 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.06CVE-2021-38504
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird iFrame Sandbox 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.07CVE-2021-38503
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird Notification 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-43538
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird inetloc File 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-38510
2021-12-096.36.0Mozilla Firefox/Firefox ESR/Thunderbird 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.06CVE-2021-43534
2021-12-093.13.0Mozilla Firefox/Firefox ESR/Thunderbird Clipboard 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.00CVE-2021-38505
2021-11-036.96.7Mozilla Firefox/Firefox ESR/Thunderbird Shutdown 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.06CVE-2021-38498
2021-11-036.46.2Mozilla Firefox/Firefox ESR/Thunderbird window.open 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38497
2021-11-036.46.2Mozilla Firefox Remote Code Execution$25k-$100k$5k-$25kNot DefinedOfficial Fix0.05CVE-2021-38491
2021-11-037.27.0Mozilla Firefox/Thunderbird HTTP3 Header 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-29991
2021-11-036.26.1Mozilla Firefox intent Scheme 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-29993
2021-11-037.57.4Mozilla Firefox/Firefox ESR/Thunderbird MessageTasks 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-38496
2021-11-035.75.6Mozilla Firefox/Firefox ESR/Thunderbird mk Scheme 权限升级$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38492
2021-11-037.57.4Mozilla Firefox 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38499
2021-11-037.57.4Mozilla Firefox 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38494
2021-11-037.57.4Mozilla Firefox/Firefox ESR/Thunderbird 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38501
2021-11-037.57.4Mozilla Firefox/Firefox ESR/Thunderbird 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38500
2021-11-037.57.4Mozilla Firefox ESR/Thunderbird 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38495
2021-11-036.36.0Mozilla Firefox/Firefox ESR/Thunderbird 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-38493
2021-08-186.36.0Mozilla Firefox/Firefox ESR/Thunderbird List-Item Element 信息公开$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-29988
2021-08-186.36.0Mozilla Firefox/Firefox ESR/Thunderbird 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.00CVE-2021-29985
2021-08-184.34.1Mozilla Firefox/Firefox ESR/Thunderbird Garbage Collection 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.03CVE-2021-29984
2021-08-184.34.1Mozilla Firefox/Thunderbird JIT Optimizer 信息公开$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-29982
2021-08-184.34.1Mozilla Firefox/Thunderbird JIT Code 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-29981
2021-08-184.34.1Mozilla Firefox/Firefox ESR/Thunderbird Canvas Object free 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-29980
2021-08-184.34.1Mozilla Firefox Fullscreen Mode 拒绝服务$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2021-29983
2021-08-184.94.7Mozilla Firefox/Thunderbird Permissions 权限升级$5k-$25k$0-$5kNot DefinedOfficial Fix0.07CVE-2021-29987
2021-08-186.36.0Mozilla Firefox/Firefox ESR/Thunderbird getaddrinfo 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-29986
2021-08-186.36.0Mozilla Firefox 内存损坏$25k-$100k$5k-$25kNot DefinedOfficial Fix0.04CVE-2021-29990

2221 更多条目未显示

更多条目由 Mozilla

Do you know our Splunk app?

Download it now for free!