Homepage

firefox-esr vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the firefox-esr package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Unrestricted Upload of File with Dangerous Type

<68.11.0-r0
  • M
CVE-2020-15650

<68.11.0-r0
  • H
Use After Free

<68.11.0-r0
  • M
CVE-2020-6514

<68.11.0-r0
  • M
Origin Validation Error

<68.11.0-r0
  • H
Out-of-bounds Write

<68.11.0-r0
  • H
Out-of-bounds Write

<68.5.0-r0
  • M
Improper Input Validation

<68.5.0-r0
  • M
Cross-site Scripting (XSS)

<68.5.0-r0
  • H
Improper Input Validation

<68.5.0-r0
  • H
Out-of-Bounds

<68.5.0-r0
  • M
Information Exposure

<68.9.0-r0
  • M
Use After Free

<68.9.0-r0
  • H
Insufficient Verification of Data Authenticity

<68.9.0-r0
  • H
Out-of-Bounds

<68.9.0-r0
  • M
Out-of-bounds Read

<68.6.0-r0
  • H
Use After Free

<68.6.0-r0
  • H
Out-of-bounds Read

<68.6.0-r0
  • H
Use After Free

<68.6.0-r0
  • H
Arbitrary Code Injection

<68.6.0-r0
  • M
Information Exposure

<68.6.0-r0
  • C
Out-of-Bounds

<68.6.0-r0
  • H
Out-of-Bounds

<68.7.0-r0
  • H
Out-of-bounds Write

<68.7.0-r0
  • C
Out-of-Bounds

<68.7.0-r0
  • H
Use After Free

<68.6.1-r0
  • H
Double Free

<68.6.1-r0
  • H
Out-of-Bounds

<68.10.0-r0
  • M
Out-of-bounds Read

<68.10.0-r0
  • H
Use After Free

<68.10.0-r0
  • H
Use After Free

<68.10.0-r0
  • M
Improper Certificate Validation

<68.10.0-r0
  • H
Race Condition

<68.8.0-r0
  • C
Improper Input Validation

<68.8.0-r0
  • C
Improper Input Validation

<68.8.0-r0
  • M
Information Exposure

<68.8.0-r0
  • H
Arbitrary Code Injection

<68.8.0-r0
  • C
Out-of-Bounds

<68.8.0-r0
  • C
Buffer Overflow

<68.8.0-r0
  • H
Out-of-Bounds

<68.2.0-r0
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<68.4.1-r0
  • H
Buffer Overflow

<68.4.1-r0
  • M
Cross-site Scripting (XSS)

<68.4.1-r0
  • M
Cross-site Scripting (XSS)

<68.4.1-r0
  • H
CVE-2019-17009

<68.3.0-r0
  • H
Use After Free

<68.3.0-r0
  • H
Use After Free

<68.3.0-r0
  • H
Use After Free

<68.3.0-r0
  • H
Buffer Overflow

<68.3.0-r0
  • H
Buffer Overflow

<68.3.0-r0
  • M
Origin Validation Error

<68.2.0-r0
  • M
Race Condition

<68.2.0-r0
  • M
Cross-site Scripting (XSS)

<68.2.0-r0
  • H
Use After Free

<68.2.0-r0
  • H
Out-of-bounds Write

<68.2.0-r0
  • H
Use After Free

<68.2.0-r0
  • H
Buffer Overflow

<68.2.0-r0
  • H
Out-of-bounds Read

<68.2.0-r0
  • L
Information Exposure

<68.1.0-r0
  • H
Out-of-Bounds

<68.1.0-r0
  • H
Use After Free

<68.1.0-r0
  • H
Use After Free

<68.1.0-r0
  • C
Improper Input Validation

<68.1.0-r0
  • M
Inclusion of Functionality from Untrusted Control Sphere

<68.1.0-r0
  • M
Cross-site Scripting (XSS)

<68.1.0-r0
  • C
Improper Authentication

<68.0.2-r0
  • H
Information Exposure

<60.7.0-r0
  • H
Race Condition

<60.7.0-r0
  • H
Improper Handling of Exceptional Conditions

<60.7.0-r0
  • H
Arbitrary Code Injection

<68.0-r0
  • H
Out-of-Bounds

<68.0-r0
  • C
Use After Free

<68.0-r0
  • H
Cross-site Request Forgery (CSRF)

<68.0-r0
  • M
Cross-site Scripting (XSS)

<68.0-r0
  • M
CVE-2019-11730

<68.0-r0
  • M
Improper Encoding or Escaping of Output

<68.0-r0
  • H
Out-of-bounds Read

<68.0-r0
  • C
Out-of-Bounds

<68.0-r0
  • H
CVE-2019-11711

<68.0-r0
  • C
Improper Input Validation

<60.7.2-r0
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<60.7.1-r0
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<60.7.0-r0
  • M
Origin Validation Error

<60.7.0-r0
  • C
Out-of-Bounds

<60.7.0-r0
  • C
Use After Free

<60.7.0-r0
  • C
Use After Free

<60.7.0-r0
  • C
Out-of-Bounds

<60.7.0-r0
  • C
Improper Input Validation

<60.7.0-r0
  • C
Use After Free

<60.7.0-r0
  • M
Improper Input Validation

<60.7.0-r0
  • M
Improper Input Validation

<60.6.1-r0
  • C
Improper Input Validation

<60.6.1-r0
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<60.6.1-r0
  • H
Out-of-Bounds

<60.6.1-r0
  • C
Out-of-Bounds

<60.6.1-r0
  • C
Reachable Assertion

<60.6.1-r0
  • M
Out-of-Bounds

<60.6.1-r0
  • C
Out-of-Bounds

<60.6.1-r0
  • C
Use After Free

<60.6.1-r0
  • C
Use After Free

<60.6.1-r0
  • C
Improper Input Validation

<60.6.1-r0
  • M
Origin Validation Error

<60.7.0-r0
  • M
Out-of-bounds Read

<60.7.0-r0
  • M
Information Exposure

<60.7.0-r0
  • M
Out-of-bounds Write

<60.5.2-r0
  • M
Use After Free

<60.7.0-r0
  • C
Out-of-Bounds

<60.5.0-r0
  • C
Improper Authentication

<60.5.0-r0
  • C
Use After Free

<60.5.0-r0
  • M
CVE-2018-18506

<60.6.1-r0
  • H
Out-of-bounds Write

<60.5.2-r0
  • H
Out-of-bounds Write

<60.5.2-r0
  • C
Use After Free

<52.6.0-r0
  • C
Use After Free

<52.6.0-r0
  • C
Use After Free

<52.6.0-r0
  • H
Information Exposure

<52.5.2-r0
  • C
Integer Overflow or Wraparound

<52.6.0-r0
  • C
Use After Free

<52.6.0-r0
  • C
Use After Free

<52.6.0-r0
  • C
Use After Free

<52.6.0-r0
  • M
CVE-2018-5117

<52.6.0-r0
  • C
Use After Free

<52.6.0-r0
  • C
Use After Free

<52.6.0-r0
  • C
Out-of-Bounds

<52.6.0-r0