Debian Firefox vulnerabilities
1,550 known vulnerabilities affecting debian/firefox.
Total CVEs
1,550
CISA KEV
11
actively exploited
Public exploits
39
Exploited in wild
20
Severity breakdown
CRITICAL333HIGH633MEDIUM542LOW42
Vulnerabilities
Page 56 of 78
CVE-2016-5282P4MEDIUMCVSS 6.5fixed in firefox 49.0-1 (sid)2016
CVE-2016-5282 [MEDIUM] CVE-2016-5282: firefox - Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon req...
Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.
Scope: local
sid: resolved (fixed in 49.0-1)
debian
CVE-2018-12385P4HIGHCVSS 7.0fixed in firefox 62.0.2-1 (sid)2018
CVE-2018-12385 [HIGH] CVE-2018-12385: firefox - A potentially exploitable crash in TransportSecurityInfo used for SSL can be tri...
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup c
debian
CVE-2018-18497P4MEDIUMCVSS 6.5fixed in firefox 64.0-1 (sid)2018
CVE-2018-18497 [MEDIUM] CVE-2018-18497: firefox - Limitations on the URIs allowed to WebExtensions by the browser.windows.create A...
Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64.
Scope: local
sid: resolved (fixed i
debian
CVE-2018-12402P4MEDIUMCVSS 6.5fixed in firefox 63.0-1 (sid)2018
CVE-2018-12402 [MEDIUM] CVE-2018-12402: firefox - The internal WebBrowserPersist code does not use correct origin context for a re...
The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince t
debian
CVE-2006-1531P4MEDIUMCVSS 7.5fixed in firefox 1.5.0.2 (sid)2006
CVE-2006-1531 [HIGH] CVE-2006-1531: firefox - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonk...
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530,
debian
CVE-2006-1530P4MEDIUMCVSS 7.5fixed in firefox 1.5.0.2 (sid)2006
CVE-2006-1530 [HIGH] CVE-2006-1530: firefox - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonk...
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530,
debian
CVE-2020-15666P4MEDIUMCVSS 6.5fixed in firefox 80.0-1 (sid)2020
CVE-2020-15666 [MEDIUM] CVE-2020-15666: firefox - When trying to load a non-video in an audio/video context the exact status code ...
When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status to services or device discovery on a local network among other atta
debian
CVE-2020-15658P4MEDIUMCVSS 6.5fixed in firefox 79.0-1 (sid)2020
CVE-2020-15658 [MEDIUM] CVE-2020-15658: firefox - The code for downloading files did not properly take care of special characters,...
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
Scope: local
sid: resolved (fixed in
debian
CVE-2019-11747P4MEDIUMCVSS 6.5fixed in firefox 69.0-1 (sid)2019
CVE-2019-11747 [MEDIUM] CVE-2019-11747: firefox - The "Forget about this site" feature in the History pane is intended to remove a...
The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the u
debian
CVE-2006-1723P4MEDIUMCVSS 7.5fixed in firefox 1.5.dfsg+1.5.0.2 (sid)2006
CVE-2006-1723 [HIGH] CVE-2006-1723: firefox - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonk...
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530,
debian
CVE-2021-29982P4MEDIUMCVSS 6.5fixed in firefox 91.0-1 (sid)2021
CVE-2021-29982 [MEDIUM] CVE-2021-29982: firefox - Due to incorrect JIT optimization, we incorrectly interpreted data from the wron...
Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox < 91 and Thunderbird < 91.
Scope: local
sid: resolved (fixed in 91.0-1)
debian
CVE-2021-23984P4MEDIUMCVSS 6.5fixed in firefox 87.0-1 (sid)2021
CVE-2021-23984 [MEDIUM] CVE-2021-23984: firefox - A malicious extension could have opened a popup window lacking an address bar. T...
A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird
debian
CVE-2022-40958P4MEDIUMCVSS 6.5fixed in firefox 105.0-1 (sid)2022
CVE-2022-40958 [MEDIUM] CVE-2022-40958: firefox - By injecting a cookie with certain special characters, an attacker on a shared s...
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Scope: local
sid: resolved (fixed in 105.0-1)
debian
CVE-2022-40957P4MEDIUMCVSS 6.5fixed in firefox 105.0-1 (sid)2022
CVE-2022-40957 [MEDIUM] CVE-2022-40957: firefox - Inconsistent data in instruction and data cache when creating wasm code could le...
Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Scope: local
sid: resolved (fixed in 105.0-1)
debian
CVE-2023-5171P4MEDIUMCVSS 6.5fixed in firefox 118.0-1 (sid)2023
CVE-2023-5171 [MEDIUM] CVE-2023-5171: firefox - During Ion compilation, a Garbage Collection could have resulted in a use-after-...
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Scope: local
sid: resolved (fixed in 118.0-1)
debian
CVE-2020-12407P4MEDIUMCVSS 6.5fixed in firefox 77.0-1 (sid)2020
CVE-2020-12407 [MEDIUM] CVE-2020-12407: firefox - Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would u...
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox < 77.
Scope: local
sid: resolved (fixed in 77.0-1)
debian
CVE-2006-0292P4HIGHCVSS 7.5fixed in firefox 1.5.dfsg+1.5.0.1-1 (sid)2006
CVE-2006-0292 [HIGH] CVE-2006-0292: firefox - The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does...
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection.
Scope: local
sid: resolved (fixed in 1.5.dfsg+1.5.0.1-1)
debian
CVE-2019-11738P4MEDIUMCVSS 6.3fixed in firefox 69.0-1 (sid)2019
CVE-2019-11738 [MEDIUM] CVE-2019-11738: firefox - If a Content Security Policy (CSP) directive is defined that uses a hash-based s...
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
Scope: local
sid: resolved (fixed in 69
debian
CVE-2021-29987P4MEDIUMCVSS 6.5fixed in firefox 91.0-1 (sid)2021
CVE-2021-29987 [MEDIUM] CVE-2021-29987: firefox - After requesting multiple permissions, and closing the first permission panel, s...
After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*
debian
CVE-2019-11765P4MEDIUMCVSS 6.5fixed in firefox 70.0-1 (sid)2019
CVE-2019-11765 [MEDIUM] CVE-2019-11765: firefox - A compromised content process could send a message to the parent process that wo...
A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted rather than the 'Click to Play' permission. This vulnerability affects
debian