Total vulnerabilities in the database
Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | - | 42.0.x |
| fedoraproject / fedora | 22 | 22.x |
| fedoraproject / fedora | 23 | 23.x |
| opensuse / leap | 42.1 | 42.1.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |