Homepage

firefox vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Out-of-bounds Read

<0:140.7.1-1.amzn2023.0.1
  • H
CVE-2026-2447

<0:140.7.1-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.7.1-1.amzn2023.0.1
  • L
Allocation of Resources Without Limits or Throttling

<0:140.7.0-1.amzn2023.0.4
  • M
Out-of-bounds Read

<0:140.7.0-1.amzn2023.0.3
  • M
NULL Pointer Dereference

<0:140.7.0-1.amzn2023.0.3
  • M
Out-of-bounds Read

<0:140.7.0-1.amzn2023.0.3
  • H
CVE-2026-0880

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0887

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0883

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0878

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0884

<0:140.7.0-1.amzn2023.0.1
  • H
Authentication Bypass

<0:140.7.0-1.amzn2023.0.1
  • M
Integer Overflow or Wraparound

<0:140.7.0-1.amzn2023.0.2
  • H
CVE-2026-0890

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0886

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0879

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0877

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0885

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0891

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0882

<0:140.7.0-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.6.0-1.amzn2023.0.1
  • H
Arbitrary Code Injection

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14323

<0:140.6.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14330

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14324

<0:140.6.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.6.0-1.amzn2023.0.1
  • H
Origin Validation Error

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14329

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14322

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14328

<0:140.6.0-1.amzn2023.0.1
  • H
Trust Boundary Violation

<0:140.5.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.5.0-1.amzn2023.0.2
  • H
Out-of-bounds Read

<0:140.5.0-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:140.5.0-1.amzn2023.0.1
  • H
Authentication Bypass

<0:140.5.0-1.amzn2023.0.1
  • H
Expired Pointer Dereference

<0:140.5.0-1.amzn2023.0.1
  • H
Cross-site Scripting (XSS)

<0:140.5.0-1.amzn2023.0.1
  • H
Expired Pointer Dereference

<0:140.5.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.5.0-1.amzn2023.0.2
  • H
Origin Validation Error

<0:140.5.0-1.amzn2023.0.1
  • H
Race Condition

<0:140.5.0-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.5.0-1.amzn2023.0.1
  • L
ALAS2023-2025-1284

<0:140.4.0-1.amzn2023.0.4
  • H
Out-of-bounds Write

<0:140.5.0-1.amzn2023.0.2
  • M
Improper Neutralization of Null Byte or NUL Character

<0:140.4.0-1.amzn2023.0.4
  • H
Integer Overflow or Wraparound

<0:128.10.0-1.amzn2023.0.2
  • H
Exposure of System Data to an Unauthorized Control Sphere

<0:140.4.0-1.amzn2023.0.2
  • H
Use After Free

<0:140.4.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.4.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.4.0-1.amzn2023.0.2
  • H
Improper Access Control

<0:140.4.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.4.0-1.amzn2023.0.2
  • H
Interpretation Conflict

<0:140.4.0-1.amzn2023.0.2
  • H
Access of Uninitialized Pointer

<0:140.3.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.3.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.3.0-1.amzn2023.0.1
  • H
Allocation of Resources Without Limits or Throttling

<0:140.3.0-1.amzn2023.0.1
  • H
CVE-2025-10536

<0:140.3.0-1.amzn2023.0.1
  • H
CVE-2025-10537

<0:140.3.0-1.amzn2023.0.1
  • H
CVE-2025-10529

<0:140.3.0-1.amzn2023.0.1
  • H
Integer Overflow or Wraparound

<0:140.3.0-1.amzn2023.0.1
  • H
Out-of-Bounds

<0:140.2.0-1.amzn2023.0.1
  • H
Resource Exhaustion

<0:140.2.0-1.amzn2023.0.1
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:140.2.0-1.amzn2023.0.1
  • H
Improper Initialization

<0:140.2.0-1.amzn2023.0.1
  • H
Out-of-Bounds

<0:140.2.0-1.amzn2023.0.1
  • H
Out-of-Bounds

<0:140.2.0-1.amzn2023.0.1
  • H
Improper Input Validation

<0:140.2.0-1.amzn2023.0.1
  • H
Information Exposure

<0:140.2.0-1.amzn2023.0.1
  • H
Insufficient Protection Against Instruction Skipping Via Fault Injection

<0:140.1.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.1.0-1.amzn2023.0.2
  • H
Incorrect Default Permissions

<0:140.1.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.1.0-1.amzn2023.0.2
  • H
Protection Mechanism Failure

<0:140.1.0-1.amzn2023.0.2
  • H
Use of Uninitialized Variable

<0:140.1.0-1.amzn2023.0.2
  • H
Arbitrary Code Injection

<0:140.1.0-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:140.1.0-1.amzn2023.0.2
  • H
NULL Pointer Dereference

<0:140.1.0-1.amzn2023.0.2
  • H
Information Exposure

<0:128.12.0-1.amzn2023.0.1
  • H
Use of Incorrectly-Resolved Name or Reference

<0:128.12.0-1.amzn2023.0.1
  • H
Use After Free

<0:128.12.0-1.amzn2023.0.1
  • H
Cross-site Scripting (XSS)

<0:128.12.0-1.amzn2023.0.1
  • H
Improper Encoding or Escaping of Output

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:128.11.0-1.amzn2023.0.2
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:128.11.0-1.amzn2023.0.2
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:128.11.0-1.amzn2023.0.2
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:128.11.0-1.amzn2023.0.2
  • H
Improper Encoding or Escaping of Output

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-bounds Read

<0:128.10.0-1.amzn2023.0.2
  • H
Integer Overflow or Wraparound

<0:128.10.0-1.amzn2023.0.2
  • H
Buffer Overflow

<0:128.10.0-1.amzn2023.0.2
  • H
Buffer Overflow

<0:128.10.0-1.amzn2023.0.2
  • H
Insufficient Compartmentalization

<0:128.10.0-1.amzn2023.0.2
  • H
Buffer Overflow

<0:128.9.0-1.amzn2023.0.1
  • H
Use After Free

<0:128.9.0-1.amzn2023.0.1
  • H
Origin Validation Error

<0:128.9.0-1.amzn2023.0.1