Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Are any versions of Firefox susceptable to Heartbleed bug CVE-2014-0160 ?

pjhill
pjhill
more options

Do any versions of Firefox use OpenSSL? if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified. As covered in: http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

Do any versions of Firefox use OpenSSL? if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified. As covered in: http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

Isisombululo esikhethiwe

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

Funda le mpendulo ngokuhambisana nalesi sihloko 👍 17

All Replies (3)

philipp
philipp
  • Moderator
more options

Isisombululo Esikhethiwe

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

John99
John99
more options

An interesting article on the Heartbleed vulnerability and its probable extent

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Possibly also of interest: Does Mozilla have a plugin that will alert users when they visit a website that is still vulnerable to Heartbleed?