This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Are any versions of Firefox susceptable to Heartbleed bug CVE-2014-0160 ?

more options

Do any versions of Firefox use OpenSSL? if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified. As covered in: http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

Do any versions of Firefox use OpenSSL? if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified. As covered in: http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

Chosen solution

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

Read this answer in context 👍 17

All Replies (3)

more options

Chosen Solution

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

more options

An interesting article on the Heartbleed vulnerability and its probable extent

more options