Debian Firefox vulnerabilities
1,550 known vulnerabilities affecting debian/firefox.
Total CVEs: 1,550
CISA KEV: 11 (actively exploited)
Public exploits: 39
Exploited in wild: 20
Severity breakdown
CRITICAL 333, HIGH 633, MEDIUM 542, LOW 42
Vulnerabilities
CVE-2023-4058 | P3 | CRITICAL | CVSS 9.8 | fixed in firefox 116.0-1 (sid) | 2023
Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116.
Scope: local
sid: resolved (fixed in 116.0-1)
debian
CVE-2026-2783 | P3 | HIGH | CVSS 7.5 | fixed in firefox 148.0-1 (sid) | 2026
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Scope: local
sid: resolved (fixed in 148.0-1)
debian
CVE-2024-6603 | P3 | HIGH | CVSS 7.4 | fixed in firefox 128.0-1 (sid) | 2024
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Scope: local
sid: resolved (fixed in 128.0-1)
debian
CVE-2016-1966 | P3 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2016-1977 | P3 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.
Scope: local
sid: resolved (fixed in 45.0-1)
debian
CVE-2018-12361 | P3 | HIGH | CVSS 8.8 | fixed in firefox 61.0-1 (sid) | 2018
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
Scope: local
sid: resolved (fixed in 61.0-1)
debian
CVE-2025-10528 | P3 | HIGH | CVSS 7.3 | fixed in firefox 143.0-1 (sid) | 2025
Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
Scope: local
sid: resolved (fixed in 143.0-1)
debian
CVE-2025-5272 | P3 | HIGH | CVSS 7.3 | fixed in firefox 139.0-1 (sid) | 2025
Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Thunderbird < 139.
Scope: local
sid: resolved (fixed in 139.0-1)
debian
CVE-2018-5147 | P3 | HIGH | CVSS 8.8 | fixed in firefox 59.0.1-1 (sid) | 2018
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
Scope: local
sid: resolved (fixed in 59.0.1-1)
debian
CVE-2019-17024 | P3 | HIGH | CVSS 8.8 | fixed in firefox 72.0-1 (sid) | 2019
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Scope: local
sid: resolved (fixed in 72.0-1)
debian
CVE-2017-5436 | P3 | HIGH | CVSS 8.8 | fixed in firefox 52.0.1-1 (sid) | 2017
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Scope: local
sid: resolved (fixed in 52
debian
CVE-2016-9905 | P3 | LOW | CVSS 8.8 | fixed in firefox-esr 45.6.0esr-1 (bookworm) | 2016
CVE-2016-9905 [HIGH] CVE-2016-9905: firefox - A potentially exploitable crash in "EnumerateSubDocuments" while adding or remov...
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
Scope: local
sid: resolved
debian
CVE-2018-5130 | P3 | HIGH | CVSS 8.8 | fixed in firefox 59.0-1 (sid) | 2018
When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
Scope: local
sid: resolved (fixed in 59.0-1)
debian
CVE-2016-1954 | P3 | HIGH | CVSS 8.8 | fixed in firefox 45.0-1 (sid) | 2016
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local
debian
CVE-2020-6514 | P3 | MEDIUM | CVSS 6.5 | fixed in chromium 87.0.4280.88-0.1 (bookworm) | 2020
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
Scope: local
bookworm: resolved (fixed in 87.0.4280.88-0.1)
bullseye: resolved (fixed in 87.0.4280.88-0.1)
forky: resolved (fixed in 87.0.4280.88-0.1)
sid: resolved (fixe
debian
CVE-2019-17005 | P3 | HIGH | CVSS 8.8 | fixed in firefox 71.0-1 (sid) | 2019
The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
Scope: local
sid: resolved (fixed in 71.0-1)
debian
CVE-2016-9894 | P3 | HIGH | CVSS 7.5 | fixed in firefox 50.1.0-1 (sid) | 2016
A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.1.
Scope: local
sid: resolved (fixed in 50.1.0-1)
debian
CVE-2017-7773 | P3 | HIGH | CVSS 8.8 | fixed in firefox 54.0-1 (sid) | 2017
Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.
Scope: local
sid: resolved (fixed in 54.0-1)
debian
CVE-2021-29980 | P3 | HIGH | CVSS 8.8 | fixed in firefox 91.0-1 (sid) | 2021
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
Scope: local
sid: resolved (fixed in 91.0-1)
debian
CVE-2018-18503 | P3 | HIGH | CVSS 8.8 | fixed in firefox 65.0-1 (sid) | 2018
When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.
Scope: local
sid: resolved (fixed in 65.0-1)
debian