Homepage

firefox

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Access of Uninitialized Pointer

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Integer Overflow or Wraparound

<0:140.9.0-1.amzn2023.0.2
  • H
Buffer Underflow

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Undefined Behavior for Input to API

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Allocation of Resources Without Limits or Throttling

<0:140.9.0-1.amzn2023.0.2
  • H
Expired Pointer Dereference

<0:140.9.0-1.amzn2023.0.2
  • H
Incorrect Calculation of Buffer Size

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Expired Pointer Dereference

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Read

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
HTTP Request Smuggling

<0:140.9.0-1.amzn2023.0.2
  • H
Integer Overflow or Wraparound

<0:140.9.0-1.amzn2023.0.2
  • H
Integer Overflow or Wraparound

<0:140.9.0-1.amzn2023.0.2
  • H
Expired Pointer Dereference

<0:140.9.0-1.amzn2023.0.2
  • H
Undefined Behavior for Input to API

<0:140.9.0-1.amzn2023.0.2
  • H
Buffer Overflow

<0:140.9.0-1.amzn2023.0.2
  • H
Expired Pointer Dereference

<0:140.9.0-1.amzn2023.0.2
  • H
Race Condition

<0:140.9.0-1.amzn2023.0.2
  • H
Trust Boundary Violation

<0:140.9.0-1.amzn2023.0.2
  • H
Expired Pointer Dereference

<0:140.9.0-1.amzn2023.0.2
  • H
Exposure of Private Information ('Privacy Violation')

<0:140.9.0-1.amzn2023.0.2
  • H
Buffer Access with Incorrect Length Value

<0:140.9.0-1.amzn2023.0.2
  • H
Expired Pointer Dereference

<0:140.9.0-1.amzn2023.0.2
  • H
Use of Out-of-range Pointer Offset

<0:140.9.0-1.amzn2023.0.2
  • H
Incorrect Privilege Assignment

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Use of Out-of-range Pointer Offset

<0:140.9.0-1.amzn2023.0.2
  • H
Insufficient Compartmentalization

<0:140.9.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.9.0-1.amzn2023.0.2
  • H
Expired Pointer Dereference

<0:140.9.0-1.amzn2023.0.2
  • H
Access of Uninitialized Pointer

<0:140.9.0-1.amzn2023.0.2
  • H
Compiler Optimization Removal or Modification of Security-critical Code

<0:140.9.0-1.amzn2023.0.2
  • H
Compiler Optimization Removal or Modification of Security-critical Code

<0:140.9.0-1.amzn2023.0.2
  • M
NULL Pointer Dereference

<0:140.8.0-1.amzn2023.0.2
  • M
NULL Pointer Dereference

<0:140.8.0-1.amzn2023.0.2
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:140.8.0-1.amzn2023.0.2
  • H
CVE-2026-2779

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2777

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2757

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2775

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2773

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2771

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Access of Uninitialized Pointer

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2788

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2784

<0:140.8.0-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.8.0-1.amzn2023.0.1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2776

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2778

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2780

<0:140.8.0-1.amzn2023.0.1
  • H
Integer Overflow or Wraparound

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2760

<0:140.8.0-1.amzn2023.0.1
  • H
Integer Overflow or Wraparound

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2769

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2790

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2791

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2782

<0:140.8.0-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2768

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2761

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Integer Overflow or Wraparound

<0:140.8.0-1.amzn2023.0.1
  • H
CVE-2026-2759

<0:140.8.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.8.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.7.1-1.amzn2023.0.1
  • H
CVE-2026-2447

<0:140.7.1-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.7.1-1.amzn2023.0.1
  • L
Allocation of Resources Without Limits or Throttling

<0:140.7.0-1.amzn2023.0.4
  • M
Out-of-bounds Read

<0:140.7.0-1.amzn2023.0.3
  • M
NULL Pointer Dereference

<0:140.7.0-1.amzn2023.0.3
  • M
Out-of-bounds Read

<0:140.7.0-1.amzn2023.0.3
  • H
CVE-2026-0880

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0887

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0883

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0878

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0884

<0:140.7.0-1.amzn2023.0.1
  • H
Authentication Bypass

<0:140.7.0-1.amzn2023.0.1
  • M
Integer Overflow or Wraparound

<0:140.7.0-1.amzn2023.0.2
  • H
CVE-2026-0890

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0886

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0879

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0877

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0885

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0891

<0:140.7.0-1.amzn2023.0.1
  • H
CVE-2026-0882

<0:140.7.0-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.6.0-1.amzn2023.0.1
  • H
Arbitrary Code Injection

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14323

<0:140.6.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14330

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14324

<0:140.6.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.6.0-1.amzn2023.0.1
  • H
Origin Validation Error

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14329

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14322

<0:140.6.0-1.amzn2023.0.1
  • H
CVE-2025-14328

<0:140.6.0-1.amzn2023.0.1
  • H
Trust Boundary Violation

<0:140.5.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.5.0-1.amzn2023.0.2
  • H
Out-of-bounds Read

<0:140.5.0-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:140.5.0-1.amzn2023.0.1
  • H
Authentication Bypass

<0:140.5.0-1.amzn2023.0.1
  • H
Expired Pointer Dereference

<0:140.5.0-1.amzn2023.0.1
  • H
Cross-site Scripting (XSS)

<0:140.5.0-1.amzn2023.0.1
  • H
Expired Pointer Dereference

<0:140.5.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.5.0-1.amzn2023.0.2
  • H
Origin Validation Error

<0:140.5.0-1.amzn2023.0.1
  • H
Race Condition

<0:140.5.0-1.amzn2023.0.1
  • H
Out-of-bounds Write

<0:140.5.0-1.amzn2023.0.1
  • L
ALAS2023-2025-1284

<0:140.4.0-1.amzn2023.0.4
  • H
Out-of-bounds Write

<0:140.5.0-1.amzn2023.0.2
  • M
Improper Neutralization of Null Byte or NUL Character

<0:140.4.0-1.amzn2023.0.4
  • H
Integer Overflow or Wraparound

<0:128.10.0-1.amzn2023.0.2
  • H
Exposure of System Data to an Unauthorized Control Sphere

<0:140.4.0-1.amzn2023.0.2
  • H
Use After Free

<0:140.4.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:140.4.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.4.0-1.amzn2023.0.2
  • H
Improper Access Control

<0:140.4.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.4.0-1.amzn2023.0.2
  • H
Interpretation Conflict

<0:140.4.0-1.amzn2023.0.2
  • H
Access of Uninitialized Pointer

<0:140.3.0-1.amzn2023.0.1
  • H
Out-of-bounds Read

<0:140.3.0-1.amzn2023.0.1
  • H
Use After Free

<0:140.3.0-1.amzn2023.0.1
  • H
Allocation of Resources Without Limits or Throttling

<0:140.3.0-1.amzn2023.0.1
  • H
CVE-2025-10536

<0:140.3.0-1.amzn2023.0.1
  • H
CVE-2025-10537

<0:140.3.0-1.amzn2023.0.1
  • H
CVE-2025-10529

<0:140.3.0-1.amzn2023.0.1
  • H
Integer Overflow or Wraparound

<0:140.3.0-1.amzn2023.0.1
  • H
Out-of-Bounds

<0:140.2.0-1.amzn2023.0.1
  • H
Resource Exhaustion

<0:140.2.0-1.amzn2023.0.1
  • H
User Interface (UI) Misrepresentation of Critical Information

<0:140.2.0-1.amzn2023.0.1
  • H
Improper Initialization

<0:140.2.0-1.amzn2023.0.1
  • H
Out-of-Bounds

<0:140.2.0-1.amzn2023.0.1
  • H
Out-of-Bounds

<0:140.2.0-1.amzn2023.0.1
  • H
Improper Input Validation

<0:140.2.0-1.amzn2023.0.1
  • H
Information Exposure

<0:140.2.0-1.amzn2023.0.1
  • H
Insufficient Protection Against Instruction Skipping Via Fault Injection

<0:140.1.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.1.0-1.amzn2023.0.2
  • H
Incorrect Default Permissions

<0:140.1.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:140.1.0-1.amzn2023.0.2
  • H
Protection Mechanism Failure

<0:140.1.0-1.amzn2023.0.2
  • H
Use of Uninitialized Variable

<0:140.1.0-1.amzn2023.0.2
  • H
Arbitrary Code Injection

<0:140.1.0-1.amzn2023.0.2
  • H
Cross-site Scripting (XSS)

<0:140.1.0-1.amzn2023.0.2
  • H
NULL Pointer Dereference

<0:140.1.0-1.amzn2023.0.2
  • H
Information Exposure

<0:128.12.0-1.amzn2023.0.1
  • H
Use of Incorrectly-Resolved Name or Reference

<0:128.12.0-1.amzn2023.0.1
  • H
Use After Free

<0:128.12.0-1.amzn2023.0.1
  • H
Cross-site Scripting (XSS)

<0:128.12.0-1.amzn2023.0.1
  • H
Improper Encoding or Escaping of Output

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:128.11.0-1.amzn2023.0.2
  • H
Improper Restriction of Rendered UI Layers or Frames

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-Bounds

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-bounds Write

<0:128.11.0-1.amzn2023.0.2
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:128.11.0-1.amzn2023.0.2
  • H
Inclusion of Functionality from Untrusted Control Sphere

<0:128.11.0-1.amzn2023.0.2
  • H
Improper Encoding or Escaping of Output

<0:128.11.0-1.amzn2023.0.2
  • H
Out-of-bounds Read

<0:128.10.0-1.amzn2023.0.2
  • H
Integer Overflow or Wraparound

<0:128.10.0-1.amzn2023.0.2
  • H
Buffer Overflow

<0:128.10.0-1.amzn2023.0.2
  • H
Buffer Overflow

<0:128.10.0-1.amzn2023.0.2
  • H
Insufficient Compartmentalization

<0:128.10.0-1.amzn2023.0.2
  • H
Buffer Overflow

<0:128.9.0-1.amzn2023.0.1
  • H
Use After Free

<0:128.9.0-1.amzn2023.0.1
  • H
Origin Validation Error

<0:128.9.0-1.amzn2023.0.1