Homepage

firefox vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
CVE-2024-11699

<0:128.5.1-1.el9_5
  • H
CVE-2024-11697

<0:128.5.1-1.el9_5
  • H
CVE-2024-11696

<0:128.5.1-1.el9_5
  • H
CVE-2024-11695

<0:128.5.1-1.el9_5
  • H
CVE-2024-11694

<0:128.5.1-1.el9_5
  • H
CVE-2024-11692

<0:128.5.1-1.el9_5
  • H
Out-of-bounds Write

<0:128.4.0-1.el9_5
  • H
CVE-2024-10466

<0:128.4.0-1.el9_5
  • H
Authentication Bypass

<0:128.4.0-1.el9_5
  • H
Out-of-bounds Read

<0:128.4.0-1.el9_5
  • H
Information Exposure

<0:128.4.0-1.el9_5
  • H
Authentication Bypass

<0:128.4.0-1.el9_5
  • H
Cross-site Scripting (XSS)

<0:128.4.0-1.el9_5
  • H
CVE-2024-10460

<0:128.4.0-1.el9_5
  • H
Use After Free

<0:128.4.0-1.el9_5
  • H
CVE-2024-10458

<0:128.4.0-1.el9_5
  • H
Use After Free

<0:128.4.0-1.el9_5
  • H
CVE-2024-9402

<0:128.3.0-1.el9_4.alma.1
  • H
CVE-2024-9401

<0:128.3.0-1.el9_4.alma.1
  • H
CVE-2024-9394

<0:128.3.0-1.el9_4.alma.1
  • H
CVE-2024-9393

<0:128.3.0-1.el9_4.alma.1
  • H
CVE-2024-9392

<0:128.3.0-1.el9_4.alma.1
  • H
Out-of-bounds Write

<0:128.2.0-1.el9_4.alma.1
  • H
Open Redirect

<0:128.2.0-1.el9_4.alma.1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:128.2.0-1.el9_4.alma.1
  • H
Out-of-bounds Write

<0:128.2.0-1.el9_4.alma.1
  • H
CVE-2024-8383

<0:128.2.0-1.el9_4.alma.1
  • H
CVE-2024-8382

<0:128.2.0-1.el9_4.alma.1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:128.2.0-1.el9_4.alma.1
  • H
CVE-2024-7652

<0:128.2.0-1.el9_4.alma.1
  • H
CVE-2024-7529

<0:115.14.0-2.el9_4.alma.1
  • H
Use After Free

<0:115.14.0-2.el9_4.alma.1
  • H
Use After Free

<0:115.14.0-2.el9_4.alma.1
  • H
Use of Uninitialized Resource

<0:115.14.0-2.el9_4.alma.1
  • H
Incorrect Default Permissions

<0:115.14.0-2.el9_4.alma.1
  • H
Cross-site Scripting (XSS)

<0:115.14.0-2.el9_4.alma.1
  • H
Out-of-bounds Read

<0:115.14.0-2.el9_4.alma.1
  • H
Improper Handling of Exceptional Conditions

<0:115.14.0-2.el9_4.alma.1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:115.14.0-2.el9_4.alma.1
  • H
Out-of-bounds Write

<0:115.14.0-2.el9_4.alma.1
  • H
CVE-2024-7518

<0:115.14.0-2.el9_4.alma.1
  • H
CVE-2024-6604

<0:115.13.0-3.el9_4.alma.1
  • H
CVE-2024-6603

<0:115.13.0-3.el9_4.alma.1
  • H
CVE-2024-6601

<0:115.13.0-3.el9_4.alma.1
  • H
CVE-2024-5702

<0:115.12.0-1.el9_4.alma.1
  • H
CVE-2024-5700

<0:115.12.0-1.el9_4.alma.1
  • H
CVE-2024-5696

<0:115.12.0-1.el9_4.alma.1
  • H
CVE-2024-5693

<0:115.12.0-1.el9_4.alma.1
  • H
CVE-2024-5691

<0:115.12.0-1.el9_4.alma.1
  • H
Information Exposure

<0:115.12.0-1.el9_4.alma.1
  • H
CVE-2024-5688

<0:115.12.0-1.el9_4.alma.1
  • H
CVE-2024-4777

<0:115.11.0-1.el9_4.alma.1
  • H
CVE-2024-4770

<0:115.11.0-1.el9_4.alma.1
  • H
CVE-2024-4769

<0:115.11.0-1.el9_4.alma.1
  • H
CVE-2024-4768

<0:115.11.0-1.el9_4.alma.1
  • H
CVE-2024-4767

<0:115.11.0-1.el9_4.alma.1
  • H
CVE-2024-4367

<0:115.11.0-1.el9_4.alma.1
  • H
CVE-2024-3864

<0:115.10.0-1.el9_3.alma.1
  • H
CVE-2024-3861

<0:115.10.0-1.el9_3.alma.1
  • H
CVE-2024-3859

<0:115.10.0-1.el9_3.alma.1
  • H
CVE-2024-3857

<0:115.10.0-1.el9_3.alma.1
  • H
CVE-2024-3854

<0:115.10.0-1.el9_3.alma.1
  • H
CVE-2024-3852

<0:115.10.0-1.el9_3.alma.1
  • H
CVE-2024-2609

<0:115.10.0-1.el9_3.alma.1
  • C
CVE-2024-29944

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2024-2616

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2024-2614

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2024-2612

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2024-2611

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2024-2610

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2024-2608

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2024-2607

<0:115.9.1-1.el9_3.alma.1
  • C
Unchecked Return Value

<0:115.9.1-1.el9_3.alma.1
  • C
CVE-2023-5388

<0:115.9.1-1.el9_3.alma.1
  • H
CVE-2024-1553

<0:115.8.0-1.el9_3.alma
  • H
Incorrect Conversion between Numeric Types

<0:115.8.0-1.el9_3.alma
  • H
CVE-2024-1551

<0:115.8.0-1.el9_3.alma
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.8.0-1.el9_3.alma
  • H
CVE-2024-1549

<0:115.8.0-1.el9_3.alma
  • H
CVE-2024-1548

<0:115.8.0-1.el9_3.alma
  • H
CVE-2024-1547

<0:115.8.0-1.el9_3.alma
  • H
CVE-2024-1546

<0:115.8.0-1.el9_3.alma
  • H
CVE-2024-0755

<0:115.7.0-1.el9_3.alma
  • H
CVE-2024-0753

<0:115.7.0-1.el9_3.alma
  • H
Improper Privilege Management

<0:115.7.0-1.el9_3.alma
  • H
CVE-2024-0750

<0:115.7.0-1.el9_3.alma
  • H
Origin Validation Error

<0:115.7.0-1.el9_3.alma
  • H
CVE-2024-0747

<0:115.7.0-1.el9_3.alma
  • H
CVE-2024-0746

<0:115.7.0-1.el9_3.alma
  • H
CVE-2024-0742

<0:115.7.0-1.el9_3.alma
  • H
Out-of-bounds Write

<0:115.7.0-1.el9_3.alma
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.6.0-1.el9_3.alma
  • H
CVE-2023-6865

<0:115.6.0-1.el9_3.alma
  • H
Out-of-bounds Write

<0:115.6.0-1.el9_3.alma
  • H
CVE-2023-6863

<0:115.6.0-1.el9_3.alma
  • H
Use After Free

<0:115.6.0-1.el9_3.alma
  • H
Out-of-bounds Write

<0:115.6.0-1.el9_3.alma
  • H
CVE-2023-6860

<0:115.6.0-1.el9_3.alma
  • H
Use After Free

<0:115.6.0-1.el9_3.alma
  • H
Out-of-bounds Write

<0:115.6.0-1.el9_3.alma
  • H
Race Condition

<0:115.6.0-1.el9_3.alma
  • H
Out-of-bounds Write

<0:115.6.0-1.el9_3.alma
  • H
Out-of-bounds Write

<0:115.5.0-1.el9_3.alma.1
  • H
Directory Traversal

<0:115.5.0-1.el9_3.alma.1
  • H
CVE-2023-6208

<0:115.5.0-1.el9_3.alma.1
  • H
Use After Free

<0:115.5.0-1.el9_3.alma.1
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.5.0-1.el9_3.alma.1
  • H
Use After Free

<0:115.5.0-1.el9_3.alma.1
  • H
Out-of-bounds Read

<0:115.5.0-1.el9_3.alma.1
  • H
CVE-2023-5732

<0:115.4.0-1.el9_2.alma.1
  • H
Out-of-bounds Write

<0:115.4.0-1.el9_2.alma.1
  • H
CVE-2023-5728

<0:115.4.0-1.el9_2.alma.1
  • H
CVE-2023-5725

<0:115.4.0-1.el9_2.alma.1
  • H
CVE-2023-5724

<0:115.4.0-1.el9_2.alma.1
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:115.4.0-1.el9_2.alma.1
  • H
Improper Handling of Exceptional Conditions

<0:115.4.0-1.el9_2.alma.1
  • H
Out-of-bounds Write

<0:115.3.1-1.el9_2.alma.1
  • H
Out-of-bounds Write

<0:115.3.1-1.el9_2.alma.1
  • H
Use After Free

<0:115.3.1-1.el9_2.alma.1
  • H
Out-of-bounds Write

<0:115.3.1-1.el9_2.alma.1
  • H
Use After Free

<0:115.3.1-1.el9_2.alma.1
  • H
Out-of-bounds Write

<0:102.15.1-1.el9_2.alma
  • H
Out-of-bounds Write

<0:102.15.0-1.el9_2.alma
  • H
Out-of-bounds Write

<0:102.15.0-1.el9_2.alma
  • H
CVE-2023-4583

<0:102.15.0-1.el9_2.alma
  • H
CVE-2023-4581

<0:102.15.0-1.el9_2.alma
  • H
Missing Encryption of Sensitive Data

<0:102.15.0-1.el9_2.alma
  • H
Allocation of Resources Without Limits or Throttling

<0:102.15.0-1.el9_2.alma
  • H
CVE-2023-4577

<0:102.15.0-1.el9_2.alma
  • H
Use After Free

<0:102.15.0-1.el9_2.alma
  • H
Use After Free

<0:102.15.0-1.el9_2.alma
  • H
Use After Free

<0:102.15.0-1.el9_2.alma
  • H
Link Following

<0:102.15.0-1.el9_2.alma
  • H
CVE-2023-4051

<0:102.15.0-1.el9_2.alma
  • H
Out-of-bounds Write

<0:102.14.0-1.el9_2.alma
  • H
Out-of-bounds Write

<0:102.14.0-1.el9_2.alma
  • H
CVE-2023-4055

<0:102.14.0-1.el9_2.alma
  • H
Out-of-bounds Write

<0:102.14.0-1.el9_2.alma
  • H
Race Condition

<0:102.14.0-1.el9_2.alma
  • H
Out-of-bounds Read

<0:102.14.0-1.el9_2.alma
  • H
CVE-2023-4047

<0:102.14.0-1.el9_2.alma
  • H
CVE-2023-4046

<0:102.14.0-1.el9_2.alma
  • H
Origin Validation Error

<0:102.14.0-1.el9_2.alma
  • H
Out-of-bounds Write

<0:102.13.0-2.el9_2.alma
  • H
CVE-2023-37208

<0:102.13.0-2.el9_2.alma
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:102.13.0-2.el9_2.alma
  • H
Use After Free

<0:102.13.0-2.el9_2.alma
  • H
Use After Free

<0:102.13.0-2.el9_2.alma
  • H
Out-of-bounds Write

<0:102.12.0-1.el9_2.alma
  • H
Improper Certificate Validation

<0:102.12.0-1.el9_2.alma
  • H
Out-of-bounds Write

<0:102.5.0-1.el9_1.alma
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.5.0-1.el9_1.alma
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:102.5.0-1.el9_1.alma
  • H
Information Exposure

<0:102.5.0-1.el9_1.alma
  • H
Link Following

<0:102.5.0-1.el9_1.alma
  • H
Cross-site Scripting (XSS)

<0:102.5.0-1.el9_1.alma
  • H
CVE-2022-45410

<0:102.5.0-1.el9_1.alma
  • H
Use After Free

<0:102.5.0-1.el9_1.alma
  • H
CVE-2022-45408

<0:102.5.0-1.el9_1.alma
  • H
Use After Free

<0:102.5.0-1.el9_1.alma
  • H
Use After Free

<0:102.5.0-1.el9_1.alma
  • H
CVE-2022-45404

<0:102.5.0-1.el9_1.alma
  • H
Information Exposure

<0:102.5.0-1.el9_1.alma
  • H
Out-of-bounds Write

<0:102.7.0-1.el9_1.alma
  • H
CVE-2023-23603

<0:102.7.0-1.el9_1.alma
  • H
Improper Check for Unusual or Exceptional Conditions

<0:102.7.0-1.el9_1.alma
  • H
Origin Validation Error

<0:102.7.0-1.el9_1.alma
  • H
Improper Encoding or Escaping of Output

<0:102.7.0-1.el9_1.alma
  • H
CVE-2023-23598

<0:102.7.0-1.el9_1.alma
  • H
CVE-2022-46877

<0:102.7.0-1.el9_1.alma
  • H
CVE-2022-46871

<0:102.7.0-1.el9_1.alma
  • H
CVE-2022-36319

<0:91.12.0-2.el9_0.alma
  • H
Race Condition

<0:91.12.0-2.el9_0.alma
  • H
Out-of-bounds Write

<0:91.12.0-2.el9_0.alma
  • H
Use After Free

<0:102.6.0-1.el9_1.alma
  • H
Out-of-bounds Write

<0:102.6.0-1.el9_1.alma
  • H
Use After Free

<0:102.6.0-1.el9_1.alma
  • H
Out-of-bounds Write

<0:102.6.0-1.el9_1.alma
  • H
CVE-2022-46874

<0:102.6.0-1.el9_1.alma
  • H
CVE-2022-46872

<0:102.6.0-1.el9_1.alma
  • H
CVE-2023-29550

<0:102.10.0-1.el9_1.alma
  • H
CVE-2023-29548

<0:102.10.0-1.el9_1.alma
  • H
Improper Encoding or Escaping of Output

<0:102.10.0-1.el9_1.alma
  • H
NULL Pointer Dereference

<0:102.10.0-1.el9_1.alma
  • H
Use After Free

<0:102.10.0-1.el9_1.alma
  • H
CVE-2023-29535

<0:102.10.0-1.el9_1.alma
  • H
CVE-2023-29533

<0:102.10.0-1.el9_1.alma
  • H
Out-of-bounds Write

<0:102.10.0-1.el9_1.alma
  • H
Out-of-bounds Write

<0:102.4.0-1.el9_0.alma
  • H
CVE-2022-42929

<0:102.4.0-1.el9_0.alma
  • H
NULL Pointer Dereference

<0:102.4.0-1.el9_0.alma
  • H
Origin Validation Error

<0:102.4.0-1.el9_0.alma
  • H
Out-of-bounds Write

<0:102.8.0-2.el9_1.alma
  • H
Out-of-bounds Write

<0:102.8.0-2.el9_1.alma
  • H
Authentication Bypass

<0:102.8.0-2.el9_1.alma
  • H
CVE-2023-25742

<0:102.8.0-2.el9_1.alma
  • H
Use After Free

<0:102.8.0-2.el9_1.alma
  • H
CVE-2023-25737

<0:102.8.0-2.el9_1.alma
  • H
Use After Free

<0:102.8.0-2.el9_1.alma
  • H
Out-of-bounds Write

<0:102.8.0-2.el9_1.alma
  • H
CVE-2023-25730

<0:102.8.0-2.el9_1.alma
  • H
CVE-2023-25729

<0:102.8.0-2.el9_1.alma
  • H
CVE-2023-25728

<0:102.8.0-2.el9_1.alma
  • H
Use After Free

<0:102.3.0-7.el9_0.alma
  • H
Out-of-bounds Write

<0:102.9.0-3.el9_1.alma
  • H
CVE-2023-28164

<0:102.9.0-3.el9_1.alma
  • H
Incorrect Type Conversion or Cast

<0:102.9.0-3.el9_1.alma
  • H
CVE-2023-25752

<0:102.9.0-3.el9_1.alma
  • H
CVE-2023-25751

<0:102.9.0-3.el9_1.alma
  • H
Out-of-bounds Write

<0:102.3.0-6.el9_0.alma
  • H
Use After Free

<0:102.3.0-6.el9_0.alma
  • H
Insecure Storage of Sensitive Information

<0:102.3.0-6.el9_0.alma
  • H
Arbitrary Code Injection

<0:102.3.0-6.el9_0.alma
  • H
CVE-2022-40957

<0:102.3.0-6.el9_0.alma
  • H
Cross-site Scripting (XSS)

<0:102.3.0-6.el9_0.alma
  • H
CVE-2023-0767

<0:102.8.0-2.el9_1.alma
  • H
Out-of-bounds Write

<0:102.11.0-2.el9_2.alma
  • H
Use of Uninitialized Resource

<0:102.11.0-2.el9_2.alma
  • H
CVE-2023-32212

<0:102.11.0-2.el9_2.alma
  • H
CVE-2023-32211

<0:102.11.0-2.el9_2.alma
  • H
Authentication Bypass

<0:102.11.0-2.el9_2.alma
  • H
Out-of-bounds Read

<0:102.11.0-2.el9_2.alma
  • H
CVE-2023-32205

<0:102.11.0-2.el9_2.alma
  • H
Out-of-bounds Write

<0:91.13.0-1.el9_0.alma
  • H
Out-of-bounds Write

<0:91.13.0-1.el9_0.alma
  • H
Use After Free

<0:91.13.0-1.el9_0.alma
  • H
Improper Preservation of Permissions

<0:91.13.0-1.el9_0.alma
  • H
Origin Validation Error

<0:91.13.0-1.el9_0.alma