Debian Firefox vulnerabilities
1,550 known vulnerabilities affecting debian/firefox.
Total CVEs
1,550
CISA KEV
11
actively exploited
Public exploits
39
Exploited in wild
20
Severity breakdown
CRITICAL333HIGH633MEDIUM542LOW42
Vulnerabilities
Page 68 of 78
CVE-2016-2817P4MEDIUMCVSS 5.4fixed in firefox 46.0-1 (sid)2016
CVE-2016-2817 [MEDIUM] CVE-2016-2817: firefox - The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in...
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
Scope:
debian
CVE-2017-7833P4MEDIUMCVSS 5.3fixed in firefox 57.0-1 (sid)2017
CVE-2017-7833 [MEDIUM] CVE-2017-7833: firefox - Some Arabic and Indic vowel marker characters can be combined with Latin charact...
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects F
debian
CVE-2017-7838P4MEDIUMCVSS 5.3fixed in firefox 57.0-1 (sid)2017
CVE-2017-7838 [MEDIUM] CVE-2017-7838: firefox - Punycode format text will be displayed for entire qualified international domain...
Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be used for limited spoofing attacks due to user confusion. This vulnerability affects Firefo
debian
CVE-2020-6829P4MEDIUMCVSS 5.3fixed in firefox 80.0-1 (sid)2020
CVE-2020-6829 [MEDIUM] CVE-2020-6829: firefox - When performing EC scalar point multiplication, the wNAF point multiplication al...
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Scope: loca
debian
CVE-2017-7812P4MEDIUMCVSS 5.3fixed in firefox 56.0-1 (sid)2017
CVE-2017-7812 [MEDIUM] CVE-2017-7812: firefox - If web content on a page is dragged onto portions of the browser UI, such as the...
If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.
Scope: local
sid: resolved (fixed in 56.0-1)
debian
CVE-2017-7816P4MEDIUMCVSS 5.3fixed in firefox 56.0-1 (sid)2017
CVE-2017-7816 [MEDIUM] CVE-2017-7816: firefox - WebExtensions could use popups and panels in the extension UI to load an "about:...
WebExtensions could use popups and panels in the extension UI to load an "about:" privileged URL, violating security checks that disallow this behavior. This vulnerability affects Firefox < 56.
Scope: local
sid: resolved (fixed in 56.0-1)
debian
CVE-2017-7820P4MEDIUMCVSS 5.3fixed in firefox 56.0-1 (sid)2017
CVE-2017-7820 [MEDIUM] CVE-2017-7820: firefox - The "instanceof" operator can bypass the Xray wrapper mechanism. When called on ...
The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects Firefox < 56.
Scope: local
sid: resolved (fixed in 56.0-1)
debian
CVE-2023-4046P4MEDIUMCVSS 5.3fixed in firefox 116.0-1 (sid)2023
CVE-2023-4046 [MEDIUM] CVE-2023-4046: firefox - In some circumstances, a stale value could have been used for a global variable ...
In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Scope: local
sid: resolved (fixed in 116.0-1)
debian
CVE-2016-5291P4MEDIUMCVSS 5.5fixed in firefox 50.0-1 (sid)2016
CVE-2016-5291 [MEDIUM] CVE-2016-5291: firefox - A same-origin policy bypass with local shortcut files to load arbitrary local co...
A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Scope: local
sid: resolved (fixed in 50.0-1)
debian
CVE-2020-12392P4MEDIUMCVSS 5.5fixed in firefox 76.0-1 (sid)2020
CVE-2020-12392 [MEDIUM] CVE-2020-12392: firefox - The 'Copy as cURL' feature of Devtools' network tab did not properly escape the ...
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird <
debian
CVE-2022-28286P4MEDIUMCVSS 5.4fixed in firefox 99.0-1 (sid)2022
CVE-2022-28286 [MEDIUM] CVE-2022-28286: firefox - Due to a layout change, iframe contents could have been rendered outside of its ...
Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Scope: local
sid: resolved (fixed in 99.0-1)
debian
CVE-2023-25730P4MEDIUMCVSS 5.4fixed in firefox 110.0-1 (sid)2023
CVE-2023-25730 [MEDIUM] CVE-2023-25730: firefox - A background script invoking <code>requestFullscreen</code> and then blocking th...
A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Scope: local
sid: resolved (fixed in 110.0-1)
debian
CVE-2023-6857P4MEDIUMCVSS 5.3fixed in firefox 121.0-1 (sid)2023
CVE-2023-6857 [MEDIUM] CVE-2023-6857: firefox - When resolving a symlink, a race may occur where the buffer passed to `readlink`...
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Scope: local
sid: resolved (fixed in 121.0-1)
debian
CVE-2018-5109P4MEDIUMCVSS 5.3fixed in firefox 58.0-1 (sid)2018
CVE-2018-5109 [MEDIUM] CVE-2018-5109: firefox - An audio capture session can started under an incorrect origin from the site mak...
An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, leading to user confusion about which site is making the request to capture an audio stream. This vulnerability affects Firefox < 58.
Scope: local
sid: resolved (fixed in 5
debian
CVE-2019-11737P4MEDIUMCVSS 5.3fixed in firefox 69.0-1 (sid)2019
CVE-2019-11737 [MEDIUM] CVE-2019-11737: firefox - If a wildcard ('*') is specified for the host in Content Security Policy (CSP) d...
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
Scope: local
sid: resolved (fixed in 69.0-1)
debian
CVE-2023-32208P4MEDIUMCVSS 5.3fixed in firefox 113.0-1 (sid)2023
CVE-2023-32208 [MEDIUM] CVE-2023-32208: firefox - Service workers could reveal script base URL due to dynamic `import()`. This vul...
Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox < 113.
Scope: local
sid: resolved (fixed in 113.0-1)
debian
CVE-2024-6612P4MEDIUMCVSS 5.3fixed in firefox 128.0-1 (sid)2024
CVE-2024-6612 [MEDIUM] CVE-2024-6612: firefox - CSP violations generated links in the console tab of the developer tools, pointi...
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Scope: local
sid: resolved (fixed in 128.0-1)
debian
CVE-2025-5267P4MEDIUMCVSS 5.4fixed in firefox 139.0-1 (sid)2025
CVE-2025-5267 [MEDIUM] CVE-2025-5267: firefox - A clickjacking vulnerability could have been used to trick a user into leaking s...
A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
Scope: local
sid: resolved (fixed in 139.0-1)
debian
CVE-2025-1018P4MEDIUMCVSS 5.3fixed in firefox 135.0-1 (sid)2025
CVE-2025-1018 [MEDIUM] CVE-2025-1018: firefox - The fullscreen notification is prematurely hidden when fullscreen is re-requeste...
The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability affects Firefox < 135 and Thunderbird < 135.
Scope: local
sid: resolved (fixed in 135.0-1)
debian
CVE-2019-9808P4MEDIUMCVSS 5.3fixed in firefox 66.0-1 (sid)2019
CVE-2019-9808 [MEDIUM] CVE-2019-9808: firefox - If WebRTC permission is requested from documents with data: or blob: URLs, the p...
If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 66.
Scope: local
sid: resolved (fixed in 66.0-
debian