Headline
CVE-2023-37456: Security Vulnerabilities fixed in Firefox for iOS 115
The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115.
Mozilla Foundation Security Advisory 2023-25
Announced
July 4, 2023
Impact
moderate
Products
Firefox for iOS
Fixed in
- Firefox for iOS 115
#CVE-2023-37455: Media permission request prompt showing from background tab
Reporter
Kazuki Nomoto
Impact
moderate
Description
The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab.
References
- Bug 1786934
#CVE-2023-37456: Browser crashed when session restore was called with an empty body
Reporter
Artem Chaykin
Impact
low
Description
The session restore helper crashed whenever there was no parameter sent to the message handler.
References
- Bug 1795496