cbcvebase.

Debian Firefox vulnerabilities

1,550 known vulnerabilities affecting debian/firefox.

Total CVEs
1,550
CISA KEV
11
actively exploited
Public exploits
39
Exploited in wild
20
Severity breakdown
CRITICAL333HIGH633MEDIUM542LOW42

Vulnerabilities

Page 11 of 78
CVE-2018-5158P3HIGHCVSS 8.8fixed in firefox 60.0-1 (sid)2018
CVE-2018-5158 [HIGH] CVE-2018-5158: firefox - The PDF viewer does not sufficiently sanitize PostScript calculator functions, a... The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60. Scope: local sid: resolved (fixed in 60.0-1)
debian
CVE-2017-7828P3CRITICALCVSS 9.8fixed in firefox 57.0-1 (sid)2017
CVE-2017-7828 [CRITICAL] CVE-2017-7828: firefox - A use-after-free vulnerability can occur when flushing and resizing layout becau... A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5. Scope: local sid: resolved (fixed in 57.0-1)
debian
CVE-2020-26972P3CRITICALCVSS 9.8fixed in firefox 84.0-1 (sid)2020
CVE-2020-26972 [CRITICAL] CVE-2020-26972: firefox - The lifecycle of IPC Actors allows managed actors to outlive their manager actor... The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 84. Scope: local sid: resolved (fixed in
debian
CVE-2016-2814P3HIGHCVSS 8.8fixed in firefox 46.0-1 (sid)2016
CVE-2016-2814 [HIGH] CVE-2016-2814: firefox - Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo ... Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table. Scope: local sid: resolved (fixed in 46.0-1)
debian
CVE-2018-5097P3CRITICALCVSS 9.8fixed in firefox 58.0-1 (sid)2018
CVE-2018-5097 [CRITICAL] CVE-2018-5097: firefox - A use-after-free vulnerability can occur during XSL transformations when the sou... A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Scope: local sid: resolved (fixed in 58.0-1)
debian
CVE-2024-6602P3CRITICALCVSS 9.8fixed in firefox 128.0-1 (sid)2024
CVE-2024-6602 [CRITICAL] CVE-2024-6602: firefox - A mismatch between allocator and deallocator could have led to memory corruption... A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Scope: local sid: resolved (fixed in 128.0-1)
debian
CVE-2023-34416P3CRITICALCVSS 9.8fixed in firefox 114.0-1 (sid)2023
CVE-2023-34416 [CRITICAL] CVE-2023-34416: firefox - Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 1... Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12. Scope: local sid: resolved (f
debian
CVE-2023-5175P3CRITICALCVSS 9.8fixed in firefox 118.0-1 (sid)2023
CVE-2023-5175 [CRITICAL] CVE-2023-5175: firefox - During process shutdown, it was possible that an `ImageBitmap` was created that ... During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118. Scope: local sid: resolved (fixed in 118.0-1)
debian
CVE-2024-9394P3HIGHCVSS 7.5fixed in firefox 131.0-1 (sid)2024
CVE-2024-9394 [HIGH] CVE-2024-9394: firefox - An attacker could, via a specially crafted multipart response, execute arbitrary... An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability
debian
CVE-2024-9401P3CRITICALCVSS 9.8fixed in firefox 131.0-1 (sid)2024
CVE-2024-9401 [CRITICAL] CVE-2024-9401: firefox - Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2... Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.
debian
CVE-2018-18356P3HIGHCVSS 8.8fixed in chromium 71.0.3578.80-1 (bookworm)2018
CVE-2018-18356 [HIGH] CVE-2018-18356: chromium - An integer overflow in path handling lead to a use after free in Skia in Google ... An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 71.0.3578.80-1) bullseye: resolved (fixed in 71.0.3578.80-1) forky: resolved (fixed in 71.0.3578.80-1) sid: resolved (fixed in
debian
CVE-2024-4764P3CRITICALCVSS 9.8fixed in firefox 126.0-1 (sid)2024
CVE-2024-4764 [CRITICAL] CVE-2024-4764: firefox - Multiple WebRTC threads could have claimed a newly connected audio input leading... Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. This vulnerability affects Firefox < 126. Scope: local sid: resolved (fixed in 126.0-1)
debian
CVE-2025-1017P3CRITICALCVSS 9.8fixed in firefox 135.0-1 (sid)2025
CVE-2025-1017 [CRITICAL] CVE-2025-1017: firefox - Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, a... Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
debian
CVE-2016-2811P3HIGHCVSS 8.8fixed in firefox 46.0-1 (sid)2016
CVE-2016-2811 [HIGH] CVE-2016-2811: firefox - Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worke... Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method. Scope: local sid: resolved (fixed in 46.0-1)
debian
CVE-2025-8044P3CRITICALCVSS 9.8fixed in firefox 141.0-1 (sid)2025
CVE-2025-8044 [CRITICAL] CVE-2025-8044: firefox - Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bug... Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141 and Thunderbird < 141. Scope: local sid: resolved (fixed in 141.0-1)
debian
CVE-2026-4723P3CRITICALCVSS 9.8fixed in firefox 149.0-1 (sid)2026
CVE-2026-4723 [CRITICAL] CVE-2026-4723: firefox - Use-after-free in the JavaScript Engine component. This vulnerability affects Fi... Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Thunderbird < 149. Scope: local sid: resolved (fixed in 149.0-1)
debian
CVE-2025-11710P3CRITICALCVSS 9.8fixed in firefox 144.0-1 (sid)2025
CVE-2025-11710 [CRITICAL] CVE-2025-11710: firefox - A compromised web process using malicious IPC messages could have caused the pri... A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4. Scope: local sid: resolved (fixed in 144.0-1)
debian
CVE-2025-8038P3CRITICALCVSS 9.8fixed in firefox 141.0-1 (sid)2025
CVE-2025-8038 [CRITICAL] CVE-2025-8038: firefox - Thunderbird ignored paths when checking the validity of navigations in a frame. ... Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1. Scope: local sid: resolved (fixed in 141.0-1)
debian
CVE-2016-1962P3CRITICALCVSS 9.8fixed in firefox 45.0-1 (sid)2016
CVE-2016-1962 [CRITICAL] CVE-2016-1962: firefox - Use-after-free vulnerability in the mozilla::DataChannelConnection::Close functi... Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections. Scope: local sid: resolved (fixed in 45.0-1)
debian
CVE-2020-6831P3CRITICALCVSS 9.8fixed in chromium 83.0.4103.83-1 (bookworm)2020
CVE-2020-6831 [CRITICAL] CVE-2020-6831: chromium - A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC.... A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. Scope: local bookworm: resolved (fixed in 83.0.4103.83-1) bullseye: resolved (fixed in 83.0.4103.83-1) forky: resolved
debian
Debian Firefox vulnerabilities | cvebase