汇总 netsurf-browser 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 内存损坏、缓冲区溢出与路径处理缺陷,在 生产负载与软件部署 使用场景中可能带来 应用崩溃、内存损坏与文件覆盖 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-45663 | An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure. | [email protected] | 6.5 | 0.30% | 2025-11-03 | 2026-06-17 |
| CVE-2025-29699 | NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function. | [email protected] | 6.5 | 0.27% | 2025-11-03 | 2026-06-17 |
| CVE-2024-51317 | An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function | [email protected] | 6.5 | 0.36% | 2025-11-03 | 2026-06-17 |
| CVE-2012-0844 | Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. | [email protected] | 5.5 | 0.42% | 2020-02-21 | 2026-06-16 |
| CVE-2015-7507 | libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function. | [email protected] | 7.5 | 2.10% | 2020-02-18 | 2026-06-16 |
| CVE-2015-7505 | Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file. | [email protected] | 8.8 | 2.88% | 2020-02-18 | 2026-06-16 |
| CVE-2015-7506 | The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file. | [email protected] | 6.5 | 1.07% | 2020-02-18 | 2026-06-16 |
| CVE-2015-7508 | Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file. | [email protected] | 8.8 | 2.88% | 2020-02-11 | 2026-06-16 |