firefox-esr vulnerabilities

Known vulnerabilities in the firefox-esr package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2024-11695	<128.5.0-r0
L CVE-2024-11692	<128.5.0-r0
L CVE-2024-11696	<128.5.0-r0
L CVE-2024-11698	<128.5.0-r0
L GHSA-cpxj-fx45-9pgm	<128.5.0-r0
L GHSA-4jp9-q9g7-48gr	<128.5.0-r0
L GHSA-m59j-fmqm-3q93	<128.5.0-r0
L CVE-2024-11697	<128.5.0-r0
L CVE-2024-11699	<128.5.0-r0
L CVE-2024-11693	<128.5.0-r0
L GHSA-qxf6-g9x3-8w74	<128.5.0-r0
L GHSA-rh22-rcv2-42x3	<128.5.0-r0
L GHSA-g5wv-cvf4-2r98	<128.5.0-r0
L GHSA-53mx-8hhc-gmp3	<128.5.0-r0
L GHSA-9g2q-259c-66mq	<128.5.0-r0
L GHSA-mjcw-r3mg-3848	<128.5.0-r0
L CVE-2024-11691	<128.5.0-r0
L CVE-2024-11694	<128.5.0-r0
H Use After Free	<128.4.0-r0
L GHSA-r2v5-q2jv-5cff	<128.4.0-r0
H CVE-2024-10458	<128.4.0-r0
M Out-of-bounds Read	<128.4.0-r0
L GHSA-jx2m-9x57-vwr5	<128.4.0-r0
L GHSA-77hv-rqc3-4gm6	<128.4.0-r0
L GHSA-4jv6-884h-v282	<128.4.0-r0
M Cross-site Scripting (XSS)	<128.4.0-r0
L GHSA-6rc3-wcpj-59ch	<128.4.0-r0
L GHSA-4wjh-chq6-qh88	<128.4.0-r0
L GHSA-jv24-5j5x-m8w6	<128.4.0-r0
M Information Exposure	<128.4.0-r0
H Out-of-bounds Write	<128.4.0-r0
M Authentication Bypass	<128.4.0-r0
H CVE-2024-10466	<128.4.0-r0
L GHSA-9v98-vwhg-6x24	<128.4.0-r0
M CVE-2024-10460	<128.4.0-r0
L GHSA-679j-4q32-w85w	<128.4.0-r0
M Authentication Bypass	<128.4.0-r0
L GHSA-87x3-r6f2-m885	<128.4.0-r0
C Use After Free	<128.3.1-r0
L GHSA-hm3j-qgpw-pj98	<128.3.1-r0
L CVE-2024-9396	<128.3.0-r0
L GHSA-99rj-hj9g-wrcv	<128.3.0-r0
L GHSA-g76c-5vhc-hqmg	<128.3.0-r0
H CVE-2024-9394	<128.3.0-r0
L GHSA-fc27-6qvc-xq94	<128.3.0-r0
L CVE-2024-9400	<128.3.0-r0
L CVE-2024-9402	<128.3.0-r0
L GHSA-qph8-rvxf-5936	<128.3.0-r0
M Improper Restriction of Rendered UI Layers or Frames	<128.3.0-r0
L GHSA-r28p-rpv4-w54r	<128.3.0-r0
L GHSA-vpgc-chc4-fq2j	<128.3.0-r0
H CVE-2024-9393	<128.3.0-r0
L CVE-2024-9401	<128.3.0-r0
L CVE-2024-9392	<128.3.0-r0
L GHSA-3qpq-hc75-5535	<128.3.0-r0
H CVE-2024-9399	<128.3.0-r0
L GHSA-rggh-rm3v-8xqj	<128.3.0-r0
L GHSA-hc6r-wpfc-q7m8	<128.3.0-r0
L GHSA-667m-43f5-gwwr	<128.3.0-r0
M CVE-2024-9398	<128.3.0-r0
H CVE-2024-8382	<128.2.0-r0
H CVE-2024-8383	<128.2.0-r0
L GHSA-m294-4vh4-9qwg	<128.2.0-r0
L GHSA-ph32-hgpc-r5j4	<128.2.0-r0
L GHSA-794f-5gfq-xmmq	<128.2.0-r0
L GHSA-6q4m-8cmc-2222	<128.2.0-r0
C Access of Resource Using Incompatible Type ('Type Confusion')	<128.2.0-r0
L GHSA-x565-97fv-jfr5	<128.2.0-r0
L GHSA-j3m3-gfhr-jmqf	<128.2.0-r0
L GHSA-p34f-6xg6-mcrp	<128.2.0-r0
C Out-of-bounds Write	<128.2.0-r0
C Out-of-bounds Write	<128.2.0-r0
C Access of Resource Using Incompatible Type ('Type Confusion')	<128.2.0-r0
M Open Redirect	<128.2.0-r0
L GHSA-gx25-vx95-m52w	<128.1.0-r0
L GHSA-7jrj-xq8x-h553	<128.1.0-r0
M CVE-2024-7518	<128.1.0-r0
H Access of Resource Using Incompatible Type ('Type Confusion')	<128.1.0-r0
H Out-of-bounds Read	<128.1.0-r0
L GHSA-563c-g7mm-g4xp	<128.1.0-r0
L GHSA-7j5g-jfh2-w58c	<128.1.0-r0
H Use After Free	<128.1.0-r0
M CVE-2024-7529	<128.1.0-r0
H Use After Free	<128.1.0-r0
L GHSA-hf5v-h65q-2g27	<128.1.0-r0
L GHSA-3jj9-9269-99m2	<128.1.0-r0
H Incorrect Default Permissions	<128.1.0-r0
C Out-of-bounds Write	<128.1.0-r0
L GHSA-69x6-6jqx-q847	<128.1.0-r0
H Improper Handling of Exceptional Conditions	<128.1.0-r0
L GHSA-7m9h-4qg6-4hmh	<128.1.0-r0
M Use of Uninitialized Resource	<128.1.0-r0
M CVE-2024-7531	<128.1.0-r0
L GHSA-7369-x5q2-rh2m	<128.1.0-r0
L GHSA-cr94-c6j4-q6g5	<128.1.0-r0
L GHSA-9wvx-3hw8-4ghf	<128.1.0-r0
L GHSA-mcjx-2c4v-mvg9	<128.1.0-r0
M Cross-site Scripting (XSS)	<128.1.0-r0
L CVE-2024-6603	<128.0-r0
L GHSA-8c8x-848r-wqq7	<128.0-r0
L GHSA-9vqr-5j64-p9wr	<128.0-r0
L GHSA-j476-hf2q-984g	<128.0-r0
L GHSA-rjwc-235r-8986	<128.0-r0
L CVE-2024-6604	<128.0-r0
L CVE-2024-6600	<128.0-r0
L GHSA-v6r5-wp7h-cj77	<128.0-r0
L CVE-2024-6601	<128.0-r0
L CVE-2024-6602	<128.0-r0
L GHSA-pxf8-583j-3rmh	<115.12.0-r0
L CVE-2024-5688	<115.12.0-r0
L CVE-2024-5693	<115.12.0-r0
L CVE-2024-5696	<115.12.0-r0
L GHSA-3fxj-qpxv-j6qj	<115.12.0-r0
M Information Exposure	<115.12.0-r0
L GHSA-pqfc-h2m7-5p9p	<115.12.0-r0
L GHSA-xhxm-p3qv-qprc	<115.12.0-r0
L CVE-2024-5700	<115.12.0-r0
L CVE-2024-5692	<115.12.0-r0
L CVE-2024-5702	<115.12.0-r0
L GHSA-pq6v-hjqm-frww	<115.12.0-r0
L GHSA-gmgg-93h8-cp32	<115.12.0-r0
L GHSA-gc3q-f2fq-g2xq	<115.12.0-r0
M CVE-2024-5691	<115.12.0-r0
L GHSA-g23m-h4v3-g2qq	<115.12.0-r0
L GHSA-qchj-32cr-96w5	<115.11.0-r0
L CVE-2024-4777	<115.11.0-r0
L GHSA-vgc7-vqc6-2858	<115.11.0-r0
L GHSA-wgrm-67xf-hhpq	<115.11.0-r0
L CVE-2024-4768	<115.11.0-r0
L GHSA-2fg8-6ggf-j2jg	<115.11.0-r0
L GHSA-fffc-4hjp-2r9v	<115.11.0-r0
L CVE-2024-4367	<115.11.0-r0
L CVE-2024-4769	<115.11.0-r0
L GHSA-7ggp-cp85-r5cg	<115.11.0-r0
L CVE-2024-4770	<115.11.0-r0
L CVE-2024-4767	<115.11.0-r0
L CVE-2024-3859	<115.10.0-r0
L GHSA-3vhm-v3w9-8mr8	<115.10.0-r0
L GHSA-mvc5-vcrh-v937	<115.10.0-r0
L CVE-2024-3864	<115.10.0-r0
L CVE-2024-3863	<115.10.0-r0
L CVE-2024-3861	<115.10.0-r0
L CVE-2024-3852	<115.10.0-r0
L GHSA-6f82-r7wj-8fxf	<115.10.0-r0
L CVE-2024-3302	<115.10.0-r0
L GHSA-8564-m639-jh8r	<115.10.0-r0
L GHSA-p6gp-c388-p4cr	<115.10.0-r0
L GHSA-pc7c-2483-8558	<115.10.0-r0
L CVE-2024-3854	<115.10.0-r0
L CVE-2024-3857	<115.10.0-r0
L GHSA-w74w-xq97-pg62	<115.10.0-r0
L GHSA-xc66-q4x2-cwqx	<115.10.0-r0
L GHSA-cm37-53wc-mx6g	<115.9.1-r0
L CVE-2024-2605	<115.9.1-r0
L GHSA-pwwp-85rf-2286	<115.9.1-r0
L CVE-2024-29944	<115.9.1-r0
L GHSA-28cv-45w7-c3g7	<115.9.1-r0
L GHSA-r78f-49fx-h798	<115.9.1-r0
L CVE-2023-5388	<115.9.1-r0
L CVE-2024-2612	<115.9.1-r0
L CVE-2024-2616	<115.9.1-r0
L CVE-2024-2607	<115.9.1-r0
L CVE-2024-2614	<115.9.1-r0
L GHSA-j8f6-q345-c99f	<115.9.1-r0
L GHSA-g2hf-9hjx-2rxj	<115.9.1-r0
L CVE-2024-2608	<115.9.1-r0
L CVE-2024-2611	<115.9.1-r0
L GHSA-mq9m-4hg9-c34x	<115.9.1-r0
L GHSA-9xvp-gqgg-hh2x	<115.9.1-r0
L GHSA-9crf-rxmh-772m	<115.9.1-r0
L CVE-2024-2610	<115.9.1-r0
L GHSA-63p7-87m3-8c9v	<115.9.1-r0
L GHSA-9m3j-vpcw-4f37	<115.8.0-r0
L CVE-2024-1547	<115.8.0-r0
L CVE-2024-1552	<115.8.0-r0
L GHSA-62vc-2f72-vcj3	<115.8.0-r0
L GHSA-372x-c6rw-v8f9	<115.8.0-r0
L CVE-2024-1549	<115.8.0-r0
L CVE-2024-1551	<115.8.0-r0
L GHSA-mf2m-vhfh-2qjv	<115.8.0-r0
L GHSA-hmqj-rccj-3q53	<115.8.0-r0
L GHSA-8q5j-74vg-j4hr	<115.8.0-r0
L CVE-2024-1550	<115.8.0-r0
L CVE-2024-1553	<115.8.0-r0
L GHSA-w267-2gcr-ggcp	<115.8.0-r0
L GHSA-cq85-4f5h-qqc4	<115.8.0-r0
L CVE-2024-1546	<115.8.0-r0
L CVE-2024-1548	<115.8.0-r0

Vulnerability

Vulnerable Version

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.5.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

Cross-site Scripting (XSS)

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

Authentication Bypass

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

<128.4.0-r0

Authentication Bypass

<128.4.0-r0

<128.4.0-r0

<128.3.1-r0

<128.3.1-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

Improper Restriction of Rendered UI Layers or Frames

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.3.0-r0

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

Access of Resource Using Incompatible Type ('Type Confusion')

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

<128.2.0-r0

Access of Resource Using Incompatible Type ('Type Confusion')

<128.2.0-r0

<128.2.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

Access of Resource Using Incompatible Type ('Type Confusion')

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

Incorrect Default Permissions

<128.1.0-r0

Out-of-bounds Write

<128.1.0-r0

GHSA-69x6-6jqx-q847

<128.1.0-r0

Improper Handling of Exceptional Conditions

<128.1.0-r0

GHSA-7m9h-4qg6-4hmh

<128.1.0-r0

Use of Uninitialized Resource

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

<128.1.0-r0

Cross-site Scripting (XSS)

<128.1.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<128.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.12.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.11.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.10.0-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.9.1-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

<115.8.0-r0

firefox-esr vulnerabilities

Direct Vulnerabilities

How to fix?