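A summary of CVEs and security vulnerability intelligence for all products related to netsurf-browser, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include memory corruption, buffer overflows, and path-handling flaws; in production workload and software deployment scenarios, these can lead to risks such as application crashes, memory corruption, and file overwrites.
The vulnerability data is drawn mainly from public vulnerability disclosures and security advisories, and can be used to assess historical vulnerability exposure and patching priority.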
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-45663 | An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a dom_event structure. | [email protected] | 6.5 | 0.30% | 2025-11-03 | 2026-06-17 |
| CVE-2025-29699 | NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function. | [email protected] | 6.5 | 0.27% | 2025-11-03 | 2026-06-17 |
| CVE-2024-51317 | An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the dom_node_normalize function | [email protected] | 6.5 | 0.36% | 2025-11-03 | 2026-06-17 |
| CVE-2012-0844 | Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. | [email protected] | 5.5 | 0.42% | 2020-02-21 | 2026-06-16 |
| CVE-2015-7507 | libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function. | [email protected] | 7.5 | 2.05% | 2020-02-18 | 2026-06-16 |
| CVE-2015-7505 | Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file. | [email protected] | 8.8 | 2.80% | 2020-02-18 | 2026-06-16 |
| CVE-2015-7506 | The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file. | [email protected] | 6.5 | 1.07% | 2020-02-18 | 2026-06-16 |
| CVE-2015-7508 | Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file. | [email protected] | 8.8 | 2.80% | 2020-02-11 | 2026-06-16 |