CVE-2023-6211

If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox 120...

Security Vulnerabilities fixed in Firefox 120 — Mozilla

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to ...

Mozilla Firefox < 120.0

The version of Firefox installed on the remote Windows host is prior to 120.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-49 advisory. - Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that...

Fedora 39 : firefox (2023-2bd5892754)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-2bd5892754 advisory. - Updated to latest upstream 120.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...