Debian Firefox vulnerabilities
1,550 known vulnerabilities affecting debian/firefox.
Total CVEs
1,550
CISA KEV
11
actively exploited
Public exploits
39
Exploited in wild
20
Severity breakdown
CRITICAL333HIGH633MEDIUM542LOW42
Vulnerabilities
Page 21 of 78
CVE-2025-3034P3HIGHCVSS 8.1fixed in firefox 137.0-1 (sid)2025
CVE-2025-3034 [HIGH] CVE-2025-3034: firefox - Memory safety bugs present in Firefox 136 and Thunderbird 136. Some of these bug...
Memory safety bugs present in Firefox 136 and Thunderbird 136. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137 and Thunderbird < 137.
Scope: local
sid: resolved (fixed in 137.0-1)
debian
CVE-2018-12359P3HIGHCVSS 8.8fixed in firefox 61.0-1 (sid)2018
CVE-2018-12359 [HIGH] CVE-2018-12359: firefox - A buffer overflow can occur when rendering canvas content while adjusting the he...
A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox
debian
CVE-2025-13018P3HIGHCVSS 8.1fixed in firefox 145.0-1 (sid)2025
CVE-2025-13018 [HIGH] CVE-2025-13018: firefox - Mitigation bypass in the DOM: Security component. This vulnerability affects Fir...
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
Scope: local
sid: resolved (fixed in 145.0-1)
debian
CVE-2006-1735P3HIGHCVSS 9.3fixed in firefox 1.5.dfsg+1.5.0.2-2 (sid)2006
CVE-2006-1735 [CRITICAL] CVE-2006-1735: firefox - Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla S...
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.2-2)
debian
CVE-2016-5261P3HIGHCVSS 8.8fixed in firefox 48.0-1 (sid)2016
CVE-2016-5261 [HIGH] CVE-2016-5261: firefox - Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mo...
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
Scope: local
sid: resolved (fixed in 48.0-1)
debian
CVE-2020-12390P3CRITICALCVSS 9.8fixed in firefox 76.0-1 (sid)2020
CVE-2020-12390 [CRITICAL] CVE-2020-12390: firefox - Incorrect origin serialization of URLs with IPv6 addresses could lead to incorre...
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.
Scope: local
sid: resolved (fixed in 76.0-1)
debian
CVE-2025-59375P3HIGHCVSS 7.5fixed in expat 2.7.2-1 (forky)2025
CVE-2025-59375 [HIGH] CVE-2025-59375: expat - libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory ...
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 2.7.2-1)
sid: resolved (fixed in 2.7.2-1)
trixie: open
debian
CVE-2005-4720P4MEDIUMCVSS 5.0PoCfixed in firefox 1.5.dfsg-1 (sid)2005
CVE-2005-4720 [MEDIUM] CVE-2005-4720: firefox - Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a de...
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.
Sco
debian
CVE-2018-5116P3CRITICALCVSS 9.8fixed in firefox 58.0-1 (sid)2018
CVE-2018-5116 [CRITICAL] CVE-2018-5116: firefox - WebExtensions with the "ActiveTab" permission are able to access frames hosted w...
WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox < 58.
Scope: local
debian
CVE-2023-5173P3HIGHCVSS 7.5fixed in firefox 118.0-1 (sid)2023
CVE-2023-5173 [HIGH] CVE-2023-5173: firefox - In a non-standard configuration of Firefox, an integer overflow could have occur...
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.*
debian
CVE-2019-15903P3LOWCVSS 7.5fixed in expat 2.2.7-2 (bookworm)2019
CVE-2019-15903 [HIGH] CVE-2019-15903: chromium - In libexpat before 2.2.8, crafted XML input could fool the parser into changing ...
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2025-1937P3HIGHCVSS 7.5fixed in firefox 136.0-1 (sid)2025
CVE-2025-1937 [HIGH] CVE-2025-1937: firefox - Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, ...
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thund
debian
CVE-2023-25736P3CRITICALCVSS 9.8fixed in firefox 110.0-1 (sid)2023
CVE-2023-25736 [CRITICAL] CVE-2023-25736: firefox - An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to und...
An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to undefined behavior. This vulnerability affects Firefox < 110.
Scope: local
sid: resolved (fixed in 110.0-1)
debian
CVE-2025-1942P3CRITICALCVSS 9.8fixed in firefox 136.0-1 (sid)2025
CVE-2025-1942 [CRITICAL] CVE-2025-1942: firefox - When String.toUpperCase() caused a string to get longer it was possible for unin...
When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox < 136 and Thunderbird < 136.
Scope: local
sid: resolved (fixed in 136.0-1)
debian
CVE-2016-1961P3HIGHCVSS 8.8fixed in firefox 45.0-1 (sid)2016
CVE-2016-1961 [HIGH] CVE-2016-1961: firefox - Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html...
Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2018-5129P3HIGHCVSS 8.6fixed in firefox 59.0-1 (sid)2018
CVE-2018-5129 [HIGH] CVE-2018-5129: firefox - A lack of parameter validation on IPC messages results in a potential out-of-bou...
A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
Scope: local
sid: resolved (fixed in 59.0-1)
debian
CVE-2016-5272P3HIGHCVSS 8.8fixed in firefox 49.0-1 (sid)2016
CVE-2016-5272 [HIGH] CVE-2016-5272: firefox - The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x ...
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.
Scope: local
sid: resolved (fixed in 49.0-1)
debian
CVE-2006-1726P3HIGHCVSS 9.3fixed in firefox 1.5.dfsg+1.5.0.2-1 (sid)2006
CVE-2006-1726 [CRITICAL] CVE-2006-1726: firefox - Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and Sea...
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.2-1)
debian
CVE-2016-9078P3HIGHCVSS 8.8fixed in firefox 50.0.2-1 (sid)2016
CVE-2016-9078 [HIGH] CVE-2016-9078: firefox - Redirection from an HTTP connection to a "data:" URL assigns the referring site'...
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50.
debian
CVE-2019-17008P3HIGHCVSS 8.8fixed in firefox 71.0-1 (sid)2019
CVE-2019-17008 [HIGH] CVE-2019-17008: firefox - When using nested workers, a use-after-free could occur during worker destructio...
When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
Scope: local
sid: resolved (fixed in 71.0-1)
debian