Homepage

firefox

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
GHSA-qh3h-3qgq-cxv8

<149.0.2-r0
  • C
Out-of-bounds Write

<149.0.2-r0
  • L
GHSA-qf82-86x2-7q23

<149.0.2-r0
  • L
GHSA-fwrw-mfrr-q8px

<149.0.2-r0
  • L
GHSA-mj57-mxq8-qvw9

<149.0.2-r0
  • L
CVE-2026-5733

<149.0.2-r0
  • L
CVE-2026-5731

<149.0.2-r0
  • L
CVE-2026-5732

<149.0.2-r0
  • C
Out-of-bounds Write

<149.0.2-r0
  • L
GHSA-rrjf-ccr2-ph7g

<149.0.2-r0
  • H
Integer Overflow or Wraparound

<149.0-r0
  • L
GHSA-qpjg-cffw-8m4r

<149.0-r0
  • L
GHSA-6q85-p5cm-28vf

<149.0-r0
  • C
CVE-2026-4710

<149.0-r0
  • L
GHSA-xh5h-c652-g9jr

<149.0-r0
  • C
CVE-2026-4692

<149.0-r0
  • L
GHSA-4pf4-jp4v-4g5c

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • C
CVE-2026-4717

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • H
Integer Overflow or Wraparound

<149.0-r0
  • L
GHSA-c3hv-rw36-5mgq

<149.0-r0
  • M
CVE-2026-4728

<149.0-r0
  • L
GHSA-px39-2r97-x6x6

<149.0-r0
  • L
CVE-2026-4720

<149.0-r0
  • H
CVE-2026-4727

<149.0-r0
  • L
GHSA-cm3f-xp4p-xgj7

<149.0-r0
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<149.0-r0
  • C
Use After Free

<149.0-r0
  • L
GHSA-h22r-8qx2-2mv3

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • H
CVE-2026-4712

<149.0-r0
  • L
GHSA-2qjw-h8g8-r86f

<149.0-r0
  • C
Use After Free

<149.0-r0
  • C
Use After Free

<149.0-r0
  • L
GHSA-mmvq-h6g9-8h39

<149.0-r0
  • L
GHSA-9r85-xf24-6724

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
GHSA-c97j-hmj5-572h

<149.0-r0
  • L
GHSA-5cgm-h8qg-5h77

<149.0-r0
  • C
CVE-2026-4705

<149.0-r0
  • L
GHSA-pm4j-pmqr-8gq4

<149.0-r0
  • C
Use of Uninitialized Resource

<149.0-r0
  • L
GHSA-hxpv-3x38-h8v5

<149.0-r0
  • L
GHSA-2mf6-25gq-26v8

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
GHSA-8768-346v-cvr2

<149.0-r0
  • C
Use After Free

<149.0-r0
  • L
GHSA-r7ww-hwqf-cqr6

<149.0-r0
  • L
GHSA-xr3f-844g-572f

<149.0-r0
  • C
Use After Free

<149.0-r0
  • C
Use After Free

<149.0-r0
  • L
GHSA-r67f-xmr7-94cc

<149.0-r0
  • C
CVE-2026-4724

<149.0-r0
  • L
CVE-2026-4729

<149.0-r0
  • L
GHSA-3rrq-fwhx-9wq4

<149.0-r0
  • C
Integer Overflow or Wraparound

<149.0-r0
  • L
GHSA-vxpv-c2h6-hq9v

<149.0-r0
  • L
GHSA-h895-88fj-h89r

<149.0-r0
  • L
GHSA-9979-85jw-xp9m

<149.0-r0
  • L
GHSA-8cfw-c9hx-8f9v

<149.0-r0
  • C
Use of Uninitialized Resource

<149.0-r0
  • L
GHSA-j97q-98f4-5wq3

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
GHSA-gw7x-g9xx-wmm2

<149.0-r0
  • L
GHSA-cr5g-9frg-q8m8

<149.0-r0
  • L
CVE-2026-4721

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • H
CVE-2026-4704

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
GHSA-mrrg-439g-x65p

<149.0-r0
  • L
GHSA-h6r3-p5gv-5qgc

<149.0-r0
  • L
GHSA-cj36-hxhv-2qxh

<149.0-r0
  • L
GHSA-7364-g429-cg4v

<149.0-r0
  • H
CVE-2026-4718

<149.0-r0
  • L
GHSA-6956-6r33-f8xw

<149.0-r0
  • L
GHSA-954r-qq48-9vr2

<149.0-r0
  • L
GHSA-vcpc-fv28-ppg5

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
GHSA-pqfx-cwf8-965q

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • C
Use After Free

<149.0-r0
  • L
GHSA-fmr6-7878-wx6p

<149.0-r0
  • L
GHSA-f58q-fr7j-32m6

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
GHSA-6hmc-rvh2-wxq3

<149.0-r0
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<149.0-r0
  • L
GHSA-x3f3-63g4-54j4

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
CVE-2026-4684

<149.0-r0
  • L
GHSA-mrxg-j2xh-wg8q

<149.0-r0
  • L
GHSA-8mgc-3hv6-4893

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • H
CVE-2026-4726

<149.0-r0
  • L
GHSA-xh4v-qr89-3hj3

<149.0-r0
  • L
GHSA-j5qx-hh9g-j6wj

<149.0-r0
  • H
Improper Check for Unusual or Exceptional Conditions

<149.0-r0
  • L
GHSA-2r77-x4qh-mhc3

<149.0-r0
  • L
CVE-2026-4722

<149.0-r0
  • C
CVE-2026-4700

<149.0-r0
  • L
CVE-2026-2447

<148.0-r0
  • L
GHSA-c99q-x737-hc5j

<148.0-r0
  • M
Information Exposure

<144.0.2-r0
  • L
GHSA-64x6-q8pq-xjmg

<144.0.2-r0
  • L
CVE-2025-49709

<139.0.4-r0
  • L
CVE-2025-49710

<139.0.4-r0
  • L
CVE-2025-5020

<139.0-r0
  • H
Access Restriction Bypass

<136.0.3-r0
  • C
Resource Management Errors

<136.0.3-r0
  • H
CVE-2024-9399

<136.0.2-r0
  • L
CVE-2024-9391

<136.0.2-r0
  • M
Open Redirect

<136.0.2-r0
  • L
CVE-2024-9402

<136.0.2-r0
  • L
CVE-2024-9392

<136.0.2-r0
  • L
CVE-2024-9396

<136.0.2-r0
  • M
CVE-2024-9398

<136.0.2-r0
  • L
CVE-2024-9403

<136.0.2-r0
  • H
CVE-2024-9394

<136.0.2-r0
  • L
CVE-2024-9400

<136.0.2-r0
  • H
CVE-2024-9393

<136.0.2-r0
  • M
Information Exposure

<136.0.2-r0
  • L
CVE-2024-9395

<136.0.2-r0
  • M
Improper Restriction of Rendered UI Layers or Frames

<136.0.2-r0
  • L
CVE-2024-9401

<136.0.2-r0
  • H
Improper Resource Shutdown or Release

<136.0.2-r0
  • H
CVE-2025-1011

<135.0-r0
  • M
Improper Restriction of Rendered UI Layers or Frames

<135.0-r0
  • H
Use After Free

<135.0-r0
  • L
CVE-2025-1013

<135.0-r0
  • C
Out-of-bounds Write

<135.0-r0
  • H
Use After Free

<135.0-r0
  • M
Improper Restriction of Rendered UI Layers or Frames

<135.0-r0
  • H
Improper Certificate Validation

<135.0-r0
  • C
Out-of-bounds Write

<135.0-r0
  • C
Use After Free

<135.0-r0
  • C
Out-of-bounds Write

<135.0-r0
  • L
CVE-2025-0239

<134.0-r0
  • L
CVE-2025-0237

<134.0-r0
  • L
Out-of-bounds Write

<134.0-r0
  • L
CVE-2025-0241

<134.0-r0
  • L
CVE-2025-0245

<134.0-r0
  • L
CVE-2025-0240

<134.0-r0
  • L
CVE-2025-0238

<134.0-r0
  • L
Out-of-bounds Write

<134.0-r0
  • L
CVE-2025-0244

<134.0-r0
  • L
CVE-2025-0242

<134.0-r0
  • L
CVE-2025-0246

<134.0-r0
  • L
CVE-2024-11701

<133.0-r0
  • L
CVE-2024-11696

<133.0-r0
  • L
CVE-2024-11692

<133.0-r0
  • L
CVE-2024-11695

<133.0-r0
  • L
CVE-2024-11694

<133.0-r0
  • L
CVE-2024-11708

<133.0-r0
  • L
CVE-2024-11697

<133.0-r0
  • L
CVE-2024-11702

<133.0-r0
  • L
CVE-2024-11691

<133.0-r0
  • L
CVE-2024-11700

<133.0-r0
  • L
CVE-2024-11706

<133.0-r0
  • L
CVE-2024-11693

<133.0-r0
  • L
CVE-2024-11703

<133.0-r0
  • L
CVE-2024-53976

<133.0-r0
  • L
CVE-2024-11698

<133.0-r0
  • L
CVE-2024-11699

<133.0-r0
  • L
CVE-2024-53975

<133.0-r0
  • L
CVE-2024-11705

<133.0-r0
  • L
CVE-2024-11704

<133.0-r0
  • M
Out-of-bounds Read

<132.0-r0
  • H
Out-of-bounds Write

<132.0-r0
  • M
Authentication Bypass

<132.0-r0
  • M
Information Exposure

<132.0-r0
  • M
Cross-site Scripting (XSS)

<132.0-r0
  • H
CVE-2024-10466

<132.0-r0
  • M
CVE-2024-10460

<132.0-r0
  • H
Use After Free

<132.0-r0
  • M
Authentication Bypass

<132.0-r0
  • H
CVE-2024-10458

<132.0-r0
  • L
CVE-2024-10004

<132.0-r0
  • M
Race Condition

<132.0-r0
  • L
CVE-2024-9936

<131.0.3-r0
  • M
Open Redirect

<130.0-r0
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<130.0-r0
  • C
Out-of-bounds Write

<130.0-r0
  • C
Out-of-bounds Write

<130.0-r0
  • H
CVE-2024-8382

<130.0-r0
  • H
CVE-2024-8383

<130.0-r0
  • C
Out-of-bounds Write

<130.0-r0
  • M
CVE-2024-8388

<130.0-r0
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<130.0-r0
  • M
Open Redirect

<130.0.1-r0
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<129.0.2-r0
  • H
Use After Free

<129.0.2-r0
  • M
CVE-2024-7518

<129.0.2-r0
  • M
Use of Uninitialized Resource

<129.0.2-r0
  • H
Use After Free

<129.0.2-r0
  • M
Cross-site Scripting (XSS)

<129.0.2-r0
  • M
Cross-site Scripting (XSS)

<129.0.2-r0
  • M
CVE-2024-7529

<129.0.2-r0
  • H
Use After Free

<129.0.2-r0
  • C
Out-of-bounds Write

<129.0.2-r0
  • M
Cross-site Scripting (XSS)

<129.0.2-r0
  • H
Improper Handling of Exceptional Conditions

<129.0.2-r0
  • M
CVE-2024-7531

<129.0.2-r0
  • H
Out-of-bounds Read

<129.0.2-r0
  • H
Incorrect Default Permissions

<129.0.2-r0
  • M
Cross-site Scripting (XSS)

<129.0.2-r0
  • H
CVE-2024-7523

<129.0.2-r0
  • L
CVE-2024-6611

<128.0-r0
  • L
CVE-2024-6614

<128.0-r0
  • L
CVE-2024-6612

<128.0-r0
  • M
CVE-2024-6608

<128.0-r0
  • M
CVE-2024-6610

<128.0-r0
  • L
CVE-2024-6605

<128.0-r0
  • L
CVE-2024-6607

<128.0-r0
  • H
CVE-2024-6609

<128.0-r0
  • L
CVE-2024-6613

<128.0-r0
  • L
CVE-2024-6615

<128.0-r0
  • L
CVE-2024-6600

<128.0-r0
  • L
CVE-2024-6602

<128.0-r0
  • L
CVE-2024-6604

<128.0-r0
  • L
CVE-2024-6603

<128.0-r0
  • L
CVE-2024-6606

<128.0-r0
  • L
CVE-2024-6601

<128.0-r0
  • L
CVE-2024-5688

<127.0.2-r0
  • H
Use After Free

<127.0.2-r0
  • M
CVE-2024-5691

<127.0.2-r0
  • M
CVE-2024-38312

<127.0.2-r0
  • L
CVE-2024-5687

<127.0.2-r0
  • C
Out-of-bounds Write

<127.0.2-r0
  • L
CVE-2024-5701

<127.0.2-r0
  • M
Improper Restriction of Rendered UI Layers or Frames

<127.0.2-r0
  • L
CVE-2024-5696

<127.0.2-r0
  • M
CVE-2024-5689

<127.0.2-r0
  • L
CVE-2024-5692

<127.0.2-r0
  • L
CVE-2024-5699

<127.0.2-r0
  • M
Information Exposure

<127.0.2-r0
  • L
CVE-2024-5700

<127.0.2-r0
  • M
CVE-2024-5697

<127.0.2-r0
  • M
CVE-2024-38313

<127.0.2-r0
  • L
CVE-2024-5693

<127.0.2-r0