SUSE CVE-2017-7789

If a server sends two Strict-Transport-Security STS headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security HSTS will not be enabled for the connection. This vulnerability affects Firefox 55...

CVE-2017-7794

On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating system...

CVE-2017-7780

Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 55...

Mozilla Firefox has an unspecified vulnerability (CNVD-2017-222715)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 55. A remote attacker could exploit the vulnerability to perform unauthorized operations...

Mozilla Firefox memory misreference vulnerability (CNVD-2017-222751)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A memory misreference vulnerability exists in versions of Mozilla Firefox prior to 55. A remote attacker could exploit this vulnerability to cause a denial of service crash...