Are any versions of Firefox susceptable to Heartbleed bug CVE-2014-0160 ?

11 years ago

4/8/14, 4:53 PM

Do any versions of Firefox use OpenSSL? if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified. As covered in: http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

👍 17

Answer 1 · 2014-04-08 16:53:22

philipp

4/8/14, 9:42 PM

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

Answer 2 · 2014-04-08 16:53:22

4/9/14, 5:06 AM

An interesting article on the Heartbleed vulnerability and its probable extent

Answer 3 · 2014-04-08 16:53:22

4/11/14, 10:02 AM