Mozilla >> Firefox >> 28.0 Security Vulnerabilities
Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 140 and Thunderbird 140.
CVSS Score: 8.1
EPSS Score: 0.005
Published: 2025-06-24
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2025-06-11
Certain canvas operations could have led to memory corruption. This vulnerability was fixed in Firefox 139.0.4.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2025-06-11
Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 139 and Thunderbird 139.
CVSS Score: 7.3
EPSS Score: 0.004
Published: 2025-05-27
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2025-05-27
Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability was fixed in Firefox 139 and Thunderbird 139.
CVSS Score: 6.5
EPSS Score: 0.003
Published: 2025-05-27
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139.
CVSS Score: 4.3
EPSS Score: 0.002
Published: 2025-05-21
A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability was fixed in Firefox 137.0.2.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2025-04-15
An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. This vulnerability was fixed in Firefox 137 and Thunderbird 137.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2025-04-01
Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137.
CVSS Score: 7.4
EPSS Score: 0.002
Published: 2025-04-01

