| 1238860 | Read the Browser History via a side-channel attack on the HTTP-Cache | Core | Networking: Cache | nobody | UNCO | --- | 2022-10-11 |
| 1379136 | Crash of Browser & Tab Bug with IndexedDB | Core | Storage: IndexedDB | nobody | UNCO | --- | 2024-02-27 |
| 1422480 | Downloads manager shows wrong source when handling 30x redirect on drop | Firefox | Downloads Panel | nobody | UNCO | --- | 2023-06-14 |
| 1456230 | Pages can block navigation by reloading on 'beforeunload' | Core | DOM: Navigation | nobody | UNCO | --- | 2022-10-11 |
| 1464833 | Downloads path can be made to point to and open an executable. | Toolkit | Downloads API | nobody | UNCO | --- | 2024-05-30 |
| 1757560 | Firefox crashes when browsing website containing bad WebGL shader | Core | Graphics: CanvasWebG | nobody | UNCO | --- | 2023-04-15 |
| 1342282 | Deal with domains with a trailing period | WebExtensions | General | nobody | UNCO | --- | 2022-10-11 |
| 895834 | Operating system resource exhaustion (denial of service) when processing crafted gzip content | Core | General | nobody | UNCO | --- | 2022-10-10 |
| 1272555 | Shouldn't use alternate domain fixup when opening links except if using the URL bar | Firefox | General | nobody | UNCO | --- | 2022-10-11 |
| 1303065 | QRL Jacking in support.mozilla.org Messages | Websites | Other | nobody | UNCO | --- | 2024-05-30 |
| 1346123 | Trapping the user in fullscreen by using modal search dialog alerts (and blocking F11) | Firefox | General | nobody | UNCO | --- | 2022-10-11 |
| 1658641 | Bypassing CSPs when multiple policies are defined in a 304 Not Modified response | Core | DOM: Security | nobody | UNCO | --- | 2024-05-30 |
| 1523275 | ResourceTiming duration should be non-0 for failed DNS, TCP, SSL | Core | Performance | bdekoz | NEW | --- | 2022-03-02 |
| 1294413 | Potential address bar spoof using @title (or spoofing a "browser" message) for form validation popup | Firefox | General | nobody | NEW | --- | 2022-10-11 |
| 1315677 | Using opener.alert() to open an alert in a background tab blocks JS execution in the *current* tab and produces a confusing user experience | Core | DOM: Core & HTML | nobody | NEW | --- | 2024-02-27 |
| 1511914 | Style Editor does not cache repeated loads of the same file, allowing unlimited memory use | DevTools | Style Editor | nobody | NEW | --- | 2024-05-30 |
| 1693755 | Downloaded file extension unexpectedly changes to HTML when using "open with" and can execute code (based on content type sent by the server that doesn't match filename) | Firefox | File Handling | nobody | NEW | --- | 2024-05-30 |
| 1711084 | Scheme flooding technique for reliable cross-browser fingerprinting | Core | Privacy: Anti-Tracki | nobody | NEW | --- | 2023-04-26 |
| 1748361 | PR_GetAddrInfoByName: glibc getaddrinfo uses getenv without being protected by NSPR environment lock | NSPR | NSPR | nobody | NEW | --- | 2022-05-18 |
| 1748363 | When NSPR and Rust libstd are used together, they don't use the same environment lock | NSPR | NSPR | nobody | NEW | --- | 2022-09-09 |
| 249673 | download prompt should disappear when the page redirects (via JS Timer) (possible to make a download look like it's from a trusted site) | Firefox | Downloads Panel | nobody | NEW | --- | 2023-02-20 |
| 263290 | view-source: protocol allows viewing "cache-control: no-store" pages that are no longer being displayed | Core | Networking: Cache | nobody | NEW | --- | 2022-10-10 |
| 338542 | an image with 'Cache-control: no-store' not reloaded when loading a page from bfcache (e.g. Back button) | Core | Graphics: ImageLib | nobody | NEW | --- | 2023-08-11 |
| 545793 | DATA: link may be used in Spoofing Attacks | Core | Networking | nobody | NEW | --- | 2022-10-10 |
| 678994 | onclick popups can be delayed by event-loop-spinning tricks | Core | DOM: Core & HTML | nobody | NEW | --- | 2022-10-10 |
| 753212 | Javascript alert containing long words has missing vertical scroll bar, missing origin, and obstructing horizontal scroll bar | Toolkit | Content Prompts | nobody | NEW | --- | 2023-06-22 |
| 827853 | Parent side of HTTP channel implementation does not do input validation of child process's requests | Core | Networking | nobody | NEW | --- | 2022-10-10 |
| 832913 | DoS using unknown content-type objects | Firefox | File Handling | nobody | NEW | --- | 2023-08-21 |
| 847147 | Security Bug: Firefox will parse malformed HTTP responses | Core | Networking: HTTP | nobody | NEW | --- | 2024-06-20 |
| 898035 | Double-click makes a combobox drop-down menu cover a chrome door-hanger | Core | Widget: Win32 | nobody | NEW | --- | 2022-10-10 |
| 997914 | IDN Blacklist missing unicode characters | Core | Networking | nobody | NEW | --- | 2022-10-11 |
| 1202112 | A top-level includeSubdomains directive does not enforce STS for subdomains if there is an intermediate superdomain without the includeSubdomains directive | Core | Security: PSM | nobody | NEW | --- | 2022-10-11 |
| 1252196 | libjpeg-turbo: DoS via progressive image decoding | Core | Graphics: ImageLib | nobody | NEW | --- | 2023-03-21 |
| 1252200 | libjpeg-turbo: DoS via small Image with large Dimensions | Core | Graphics: ImageLib | nobody | NEW | --- | 2023-03-21 |
| 1266789 | Hang when loading URL with hundreds of subdomains | Core | Networking | nobody | NEW | --- | 2022-10-31 |
| 1289387 | Follow up fixes to sendBeacon()'s request mode | Core | DOM: Networking | nobody | NEW | --- | 2022-10-11 |
| 1293523 | Read Access Violation in nsTextBoxFrame::CalculateTitleForWidth | Core | Graphics | nobody | NEW | --- | 2024-05-30 |
| 1297476 | certification authority display lags the certificate and authority replacement via proxy | Firefox | Site Identity | nobody | NEW | --- | 2022-10-11 |
| 1298584 | Security: Partial Address Bar Spoofing in Firefox V51.0(Nightly) | Firefox | Address Bar | nobody | NEW | --- | 2022-10-11 |
| 1303183 | Add-on update metadata needs to use content-signing | Toolkit | Add-ons Manager | nobody | NEW | --- | 2021-05-21 |
| 1315203 | XSHM: Cross Site History Manipulation (information leakage) | Core | DOM: Navigation | nobody | NEW | --- | 2024-01-01 |
| 1318234 | view-source: uses the cached version of a page, not respecting the caching headers from GMail or other sites | Core | Networking | nobody | NEW | --- | 2024-02-23 |
| 1322022 | Need test for location bar spoofing via drag and drop of broken javascript: URI | Firefox | Address Bar | nobody | NEW | --- | 2024-05-30 |
| 1322106 | Script stopper doesn't fire for loop of document.execCommand("insertHtml") | Core | DOM: Editor | nobody | NEW | --- | 2022-10-11 |
| 1323452 | Consider whether to revert the URL bar straight after 'paste and go' usage | Firefox | Address Bar | nobody | NEW | --- | 2024-04-08 |
| 1349316 | Include dotted forms from Latin Extended Additional unicode block for IDNA | Core | Networking | nobody | NEW | --- | 2023-07-05 |
| 1405971 | Webextension UUID leak via Fetch requests | WebExtensions | General | nobody | NEW | --- | 2024-05-30 |
| 1422482 | OS username disclosure using downloads manager | Firefox | Downloads Panel | nobody | NEW | --- | 2022-10-11 |
| 1423602 | Resource timing violates SOP for font files loaded under "no-cors" CSS | Core | Layout | nobody | NEW | --- | 2023-10-04 |
| 1445758 | Focus does not show the top level domain +1 in the address bar | Focus | General | nobody | NEW | --- | 2023-01-26 |
| 1448827 | Firefox CSP Bypass through window.opener | Core | DOM: Security | nobody | NEW | --- | 2024-05-30 |
| 1450625 | setTimeout(..., 0) + setting location.href requests the same url very many times, causing something vaguely resembling dos | Core | DOM: Core & HTML | nobody | NEW | --- | 2022-10-11 |
| 1457080 | Phishing risks with Firefox not always showing the origin (Linux and Android) | Toolkit | Alerts Service | nobody | NEW | --- | 2024-05-30 |
| 1459532 | get the redirected url using img tag & social engineering tricks | Core | DOM: Core & HTML | nobody | NEW | --- | 2022-10-11 |
| 1461634 | Support SameSite cookie attribute | Conduit | Phabricator | nobody | NEW | --- | 2021-02-05 |
| 1461989 | Support SameSite cookie attribute | Conduit | Lando | nobody | NEW | --- | 2021-02-05 |
| 1463533 | When a specially-crafted input text value containing a privileged URL scheme (eg: chrome: URL) of a prompt() dialog is dragged and dropped to the "home" icon, the home page can be changed by this privileged URL | Firefox | Toolbars and Customi | nobody | NEW | --- | 2024-05-30 |
| 1474842 | mixed content blocker bypass: insecure sub-resources loaded by a localhost frame in a secure parent document | Core | DOM: Security | nobody | NEW | --- | 2023-11-03 |
| 1479897 | use-after-poison in [@ AutoWeakFrame::Init] | Core | Layout | nobody | NEW | --- | 2022-10-11 |
| 1515783 | Paste listener should not fire on middle-click; can silently leak clipboard data on routine user actions | Core | DOM: UI Events & Foc | nobody | NEW | --- | 2022-10-11 |
| 1519518 | (Bypassing Mozilla Firefox Data URL blocking) | Core | DOM: Security | nobody | NEW | --- | 2024-05-30 |
| 1556718 | Addons "check for updates" shows "no updates available" instead of errors | Toolkit | Add-ons Manager | nobody | NEW | --- | 2021-06-30 |
| 1605982 | general.useragent.override pref must be sanitized before use (prefs can contain newlines) | Core | Networking | nobody | NEW | --- | 2024-05-30 |
| 1610450 | Referrer Policy and about:blank/javascript: URL inheritance is broken | Core | DOM: Security | nobody | NEW | --- | 2022-04-27 |
| 1620920 | UI Spoofing: chrome.windows.create of WebExtensions can create a fullscreen window without a warning | WebExtensions | Frontend | nobody | NEW | --- | 2024-05-30 |
| 1629684 | URL spoofing using 'very-long-hostname' URL | Firefox | Address Bar | nobody | NEW | --- | 2023-11-01 |
| 1642623 | User's search term is accidentally sent to ISP without user's consent. | Firefox | Address Bar | nobody | NEW | --- | 2022-08-31 |
| 1647748 | Middle clicking text input on Linux fills the selected autocomplete option | Toolkit | Form Manager | nobody | NEW | --- | 2020-06-30 |
| 1693212 | getClientRects plus CSS Animation can synthesize a RAF-interval-resolution timing probe | Core | DOM: Security | nobody | NEW | --- | 2023-02-09 |
| 1714565 | Status bar URL spoofing without Javascript (using IDN whole-script confusables) | Core | DOM: Core & HTML | nobody | NEW | --- | 2024-05-30 |
| 1731181 | Address bar, security windows show origin elided insecurely, allows URL spoofing | Focus | General | nobody | NEW | --- | 2023-06-05 |
| 1732012 | X-Frame-Options is ignored on redirection status-codes without a location header (unlike CSP frame-ancestors) | Core | DOM: Security | nobody | NEW | --- | 2024-06-04 |
| 1759002 | Dynamically added CSP not respected for preloaded resource discovery | Core | DOM: Security | nobody | NEW | --- | 2022-07-19 |
| 1768040 | CSP check is done against the text at the time of preparing but evaluation uses different text if updated after preparation | Core | DOM: Security | nobody | NEW | --- | 2022-05-09 |
| 1815039 | The <meta name="referrer" content="no-referrer"> not inherited by javascript: URL documents | Core | DOM: Security | nobody | NEW | --- | 2024-07-09 |
| 1830519 | Iframe with sandbox not block HTTP authentication dialogs | Core | DOM: Core & HTML | nobody | NEW | --- | 2024-06-02 |
| 1835517 | alt prompt can cover fullscreen notifications | Core | DOM: Core & HTML | nobody | NEW | --- | 2024-05-30 |
| 1839370 | No security time delay in Firefox Executable Opening Warning | Toolkit | Downloads API | nobody | NEW | --- | 2024-05-30 |
| 1853005 | Malicious File Downloads via detecting header differences between the <embed> Tag and "save video" context menu item | Firefox | Menus | nobody | NEW | --- | 2024-05-30 |
| 1868171 | Excessive Input Form with scroll down can spoof hidden address bar | Fenix | Toolbar | nobody | NEW | --- | 2024-07-12 |
| 1880634 | MozTogglePictureInPicture event is visible to web content | Toolkit | Picture-in-Picture | nobody | NEW | --- | 2024-06-02 |
| 1276177 | Security Disclosure: Malicious use of the phone's Gyroscope | Core | DOM: Device Interfac | nobody | NEW | --- | 2022-10-11 |
| 1470236 | Disable unused SCTP extensions not used in WebRTC DataChannels | Core | WebRTC: Networking | nobody | NEW | --- | 2022-07-25 |
| 1536243 | Conditional jump or move depends on uninitialized values created by mozilla::FFmpegDataDecoder<57>::InitDecoder | Core | Audio/Video: Playbac | nobody | NEW | --- | 2024-07-02 |
| 504527 | treatment of alternate NTFS streams in NSPR calls | NSPR | NSPR | nobody | NEW | --- | 2022-06-07 |
| 525831 | Unicode TLDs with RTL characters can be used to spoof the domain part of the URL | Core | Networking | nobody | NEW | --- | 2022-10-10 |
| 560388 | Bogus content-type headers indistinguishable from absence of content-type header | Core | Networking: HTTP | nobody | NEW | --- | 2022-10-10 |
| 630315 | Enable Extended Protection (channel and service bindng) for NTLM authentication on linux | Core | Networking: HTTP | nobody | NEW | --- | 2022-10-10 |
| 642264 | Content can fill places.db with spurious history entries and generate significant disk IO by rapidly modifying window.location.hash | Toolkit | Places | nobody | NEW | --- | 2024-02-15 |
| 1230354 | Executable planting / Drive-by cache vulnerability | Core | Networking: Cache | nobody | NEW | --- | 2024-05-30 |
| 1404682 | The firefox executable dynamically loads dylib/so files | Toolkit | General | nobody | NEW | --- | 2024-05-30 |
| 1535187 | Investigate whether 1486521.html is still crashing Android verify build | Core | Layout | nobody | NEW | --- | 2022-10-11 |
| 1608687 | Master password prompt gives the appearance of a security check, but can be bypassed once it was already unlocked | Firefox | about:logins | nobody | NEW | --- | 2024-05-30 |
| 1656735 | URL spoofing on Android with U+03XX (Combining Dots) | Fenix | Toolbar | nobody | NEW | --- | 2024-05-30 |
| 1749129 | Side-channel attack can deanonymize users (potential risk to journalists and activists) | Core | DOM: Core & HTML | nobody | NEW | --- | 2023-06-06 |
| 1889942 | HTML Injection in resource:// scheme on Fenix error pages | Fenix | Browser Engine | nobody | NEW | --- | 2024-05-30 |
| 1907866 | Browser hangs when pasting very large string into URL bar | Firefox | Address Bar | nobody | NEW | --- | 2024-07-15 |
| 104303 | script can make a window larger than the screen (Linux) | SeaMonkey | UI Design | nobody | NEW | --- | 2012-05-20 |
| 160471 | Bookmarks should not save password in URL | SeaMonkey | Bookmarks & History | nobody | NEW | --- | 2024-05-01 |
| 267123 | [SA12979-2] File ext != Content-Type left intact when downloading | Toolkit | Downloads API | nobody | NEW | --- | 2022-10-10 |
| 304905 | UnEscapeURIForUI should leave %HH in hostname escaped | Core | Internationalization | nobody | NEW | --- | 2022-10-10 |
| 307087 | When viewing an HTML email message that contains a <AREA HREF="..."> inside of a <A HREF="..."> tag the statusbar incorectly displays the URL for the <A> rather than for the <AREA>. | Thunderbird | Mail Window Front En | nobody | NEW | --- | 2022-10-10 |
| 307828 | Information leak of file names being viewed from web pages | Firefox | File Handling | nobody | NEW | --- | 2022-10-10 |
| 363132 | By making Cut/Copy shortcut fail, a site can see your clipboard with little cooperation | Core | DOM: Editor | nobody | NEW | --- | 2022-10-10 |
| 438760 | Firefox 3 allows form submission POST from https to http action | Core | DOM: Core & HTML | nobody | NEW | --- | 2022-10-10 |
| 494595 | potential overflow in EvaluateAdminConfigScript | Core | Preferences: Backend | nobody | NEW | --- | 2022-10-10 |
| 509961 | Spamming history (autocomplete, awesomebar) can result in user being phished | Firefox | Security | nobody | NEW | --- | 2022-10-10 |
| 543156 | Forms with enctype="text/plain" send payload as plain text, allowing cross-protocol scripting attacks | Core | DOM: Core & HTML | nobody | NEW | --- | 2022-10-10 |
| 570658 | Username-in-URL obfuscation warning isn't shown for iframe loads | Core | DOM: Navigation | nobody | NEW | --- | 2022-10-10 |
| 608899 | Maybe purge pending keyboard / mouse events when window destroyed? | Core | DOM: UI Events & Foc | nobody | NEW | --- | 2022-10-10 |
| 616619 | Autocomplete allows sites to see what other sites a user has visited and possible data as well | Toolkit | Form Manager | nobody | NEW | --- | 2024-04-01 |
| 664556 | Don't allow navigation from chrome to content (open content in a new tab instead) | Firefox | General | nobody | NEW | --- | 2022-10-10 |
| 672827 | Implement hmac + bcrypt password storage using Plugin for BMO Instance | bugzilla.mozilla.org | General | nobody | NEW | --- | 2022-05-26 |
| 742687 | Tooltips originating from a tab page are shown in other tab pages | Core | General | nobody | NEW | --- | 2022-10-10 |
| 788180 | view-source: recursion | Toolkit | View Source | nobody | NEW | --- | 2022-10-10 |
| 801438 | Fake site without URL while loading never finishes | Firefox | Security | nobody | NEW | --- | 2022-10-10 |
| 918264 | WINDOWS URL bar Spoofing when press F11 for go to full screen | Core | General | nobody | NEW | --- | 2024-05-30 |
| 957631 | PostToInsecureFromSecureMessage does not block the plaintext transmission. Cancel button useless? | Firefox | Security | nobody | NEW | --- | 2022-10-11 |
| 1031060 | drag and drop with a cursor in content is redirected to location bar | Core | Widget: Cocoa | nobody | NEW | --- | 2024-05-30 |
| 1106944 | mailto: "Use Thunderbird (default)" spawns open a bunch of Internet Explorer windows/processes. | Core | DOM: Navigation | nobody | NEW | --- | 2024-03-11 |
| 1167856 | Client configuration leakage via JS/protocol checking | Core | General | nobody | NEW | --- | 2024-05-30 |
| 1174536 | JiffiesSinceBoot could read unowned memory | Core | XPCOM | nobody | NEW | --- | 2022-10-11 |
| 1178104 | Propagate referrer policy throughout the UI: command-click and context menu open link in new tab/window (Port relevant bits from Bug 1113431) | SeaMonkey | General | nobody | NEW | --- | 2016-12-29 |
| 1224425 | HTML injection with the page title in reader view | Firefox for iOS | Reader View | nobody | NEW | --- | 2024-05-30 |
| 1290635 | Insecure temporary files for child process crash-time metadata | Toolkit | Crash Reporting | nobody | NEW | --- | 2022-10-11 |
| 1324496 | MySQL full text pattern language injection in /jsonrpc.cgi summary string results in SQL error in JSON response | bugzilla.mozilla.org | API | nobody | NEW | --- | 2017-12-07 |
| 1329005 | Clickjacking on input.mozilla.org (SurveyGizmo) | Websites | Other | nobody | NEW | --- | 2024-05-30 |
| 1329264 | create account provides too much information to potential malicious users | bugzilla.mozilla.org | General | nobody | NEW | --- | 2019-04-06 |
| 1422860 | Privacy Issue: Replying to or forwarding an HTML e-mail with external content (e.g. images), and clicking on it, may load this content without user notification - take 2 | MailNews Core | Composition | nobody | NEW | --- | 2019-08-16 |
| 1470673 | HTML email hover over URL spoof | Thunderbird | Security | nobody | NEW | --- | 2022-10-11 |
| 1497497 | Bugzilla's HMAC signatures ignore structure of signed data | bugzilla.mozilla.org | General | nobody | NEW | --- | 2024-05-30 |
| 1508030 | Thunderbird accidentally triggers DOS attacks: click links in mails without standard browser configured, starts sending requests more than 10 times per second | Thunderbird | Message Reader UI | nobody | NEW | --- | 2024-05-21 |
| 1691251 | Spoofing identity UI and hiding certificate details by forcing SSL connection to be presented as local resource | Firefox | Security | nobody | NEW | --- | 2024-05-30 |
| 1703999 | use-after-poison in [@ nsFloatManager::GetFlowArea] | Core | Layout: Floats | nobody | NEW | --- | 2023-06-08 |
| 1723707 | Origin shown during alert() is controlled by child process | Toolkit | Content Prompts | nobody | NEW | --- | 2023-06-22 |
| 1747992 | use-after-poison in nsIFrame::StyleDisplay | Core | Layout: Columns | nobody | NEW | --- | 2022-02-03 |
| 1748366 | PR_SetEnv/setenv/putenv races with non-nspr reads from the environment | Core | XPCOM | nobody | NEW | --- | 2024-01-10 |
| 1827442 | Browser hangs when pasting very large string into URL bar | Core | Layout: Text and Fon | nobody | NEW | --- | 2024-07-15 |
| 1832671 | Picture In Picture Can hide overlap the fullscreen notification | Core | DOM: Core & HTML | nobody | NEW | --- | 2024-05-30 |
| 1837916 | Firefox for iOS QR Code Scanner does not show the URL for user confirmation before opening it | Firefox for iOS | General | nobody | NEW | --- | 2024-07-03 |
| 1838888 | crash at [@ atidxx64.dll \| CContext::TID3D11DeviceContext_ClearRenderTargetView_<T> ] | Core | Graphics | nobody | NEW | --- | 2024-05-30 |
| 1866907 | IOS Address Bar Spoofing via q= paramter allows redirect user to macilious link & javascript url | Firefox for iOS | General | nobody | NEW | --- | 2024-07-14 |
| 1868925 | A large number of emojis in the document title makes the parent process sluggish/unresponsive/crashy | Core | Graphics | nobody | NEW | --- | 2024-06-05 |
| 795323 | directory listing in http://planet.mozilla.org | Websites | planet.mozilla.org | reed | NEW | --- | 2024-05-30 |
| 1299910 | blog.mozillabrasil.org.br needs security updates | Participation Infras | Security | yousef | NEW | --- | 2024-05-30 |
| 1598466 | mXSS/HTML parser ambiguity with SVG and P nested | Core | DOM: HTML Parser | hsivonen | REOP | --- | 2023-08-07 |
| 1908623 | Intermittent SUMMARY: ThreadSanitizer: data race /builds/worker/checkouts/gecko/security/nss/lib/softoken/pkcs11u.c:997:53 in sftk_PutObjectToList | NSS | Libraries | jschanck | REOP | --- | 23:41:22 |
| 980909 | Contents of previous URL still showed & interactive while loading & showing another URL in the Location bar | Firefox | Address Bar | nobody | REOP | --- | 2022-10-11 |
| 1299571 | Can remove about:addons | WebExtensions | General | nobody | REOP | --- | 2022-10-11 |
| 1332714 | IDN Phishing using whole-script confusables on Windows and Linux | Firefox | Address Bar | nobody | REOP | --- | 2024-06-28 |
| 1493596 | Screenshots of logged in pages show up on the New Tab page | Firefox | New Tab Page | nobody | REOP | --- | 2023-09-07 |
| 1543202 | Keyboard shortcut highlights menu despite being consumed by web content | Core | Widget: Cocoa | nobody | REOP | --- | 2022-10-11 |
| 1546656 | mXSS via <math> | Core | DOM: Serializers | nobody | REOP | --- | 2022-10-11 |
| 1577584 | reference binding to address with insufficient space for an object of type 'const OT::LangSys' | Core | Graphics: Text | nobody | REOP | --- | 2022-10-11 |
| 1892040 | Intermittent SUMMARY: ThreadSanitizer: data race /builds/worker/checkouts/gecko/extensions/spellcheck/src/mozPersonalDictionary.cpp:127:27 in mozPersonalDictionarySave::Run() \| single tracking bug | Core | Spelling checker | smaug | REOP | --- | 06:42:40 |
| 1196267 | URL and error message spoofing in about:neterror | Core | DOM: Core & HTML | nobody | REOP | --- | 2024-05-30 |
| 1804816 | Css Draw Mouse Cursor 32x32 (zoom out) to hide omni box | Core | DOM: CSS Object Mode | nobody | REOP | --- | 2024-05-30 |
| 670887 | create account provides too much information to potential malicious users | Bugzilla | User Accounts | user-accounts | REOP | --- | 2017-01-09 |