firefox-esr vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the firefox-esr package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2024-11692

<128.5.0esr-1~deb11u1
  • L
CVE-2024-11696

<128.5.0esr-1~deb11u1
  • L
CVE-2024-11695

<128.5.0esr-1~deb11u1
  • L
CVE-2024-11699

<128.5.0esr-1~deb11u1
  • L
CVE-2024-11697

<128.5.0esr-1~deb11u1
  • L
CVE-2024-11694

<128.5.0esr-1~deb11u1
  • M
CVE-2024-10460

<128.4.0esr-1~deb11u1
  • H
Out-of-bounds Write

<128.4.0esr-1~deb11u1
  • M
Out-of-bounds Read

<128.4.0esr-1~deb11u1
  • M
Authentication Bypass

<128.4.0esr-1~deb11u1
  • H
Use After Free

<128.4.0esr-1~deb11u1
  • M
Information Exposure

<128.4.0esr-1~deb11u1
  • M
Cross-site Scripting (XSS)

<128.4.0esr-1~deb11u1
  • H
CVE-2024-10458

<128.4.0esr-1~deb11u1
  • H
CVE-2024-10466

<128.4.0esr-1~deb11u1
  • M
Authentication Bypass

<128.4.0esr-1~deb11u1
  • C
Use After Free

<128.3.1esr-1~deb11u1
  • L
CVE-2024-9401

<128.3.0esr-1~deb11u2
  • H
CVE-2024-9394

<128.3.0esr-1~deb11u2
  • H
CVE-2024-9393

<128.3.0esr-1~deb11u2
  • L
CVE-2024-9392

<128.3.0esr-1~deb11u2
  • L
CVE-2024-7652

<115.13.0esr-1~deb11u1
  • C
Out-of-bounds Write

<115.15.0esr-1~deb11u1
  • H
CVE-2024-8382

<115.15.0esr-1~deb11u1
  • H
CVE-2024-8383

<115.15.0esr-1~deb11u1
  • C
Access of Resource Using Incompatible Type ('Type Confusion')

<115.15.0esr-1~deb11u1
  • M
CVE-2024-7531

<115.14.0esr-1~deb11u1
  • H
Improper Handling of Exceptional Conditions

<115.14.0esr-1~deb11u1
  • M
Cross-site Scripting (XSS)

<115.14.0esr-1~deb11u1
  • H
Use After Free

<115.14.0esr-1~deb11u1
  • M
Use of Uninitialized Resource

<115.14.0esr-1~deb11u1
  • H
Out-of-bounds Read

<115.14.0esr-1~deb11u1
  • C
Out-of-bounds Write

<115.14.0esr-1~deb11u1
  • H
Incorrect Default Permissions

<115.14.0esr-1~deb11u1
  • M
CVE-2024-7529

<115.14.0esr-1~deb11u1
  • L
CVE-2024-6601

<115.13.0esr-1~deb11u1
  • L
CVE-2024-6604

<115.13.0esr-1~deb11u1
  • L
CVE-2024-6602

<115.13.0esr-1~deb11u1
  • L
CVE-2024-6603

<115.13.0esr-1~deb11u1
  • M
CVE-2024-5691

<115.12.0esr-1~deb11u1
  • L
CVE-2024-5696

<115.12.0esr-1~deb11u1
  • L
CVE-2024-5702

<115.12.0esr-1~deb11u1
  • L
CVE-2024-5693

<115.12.0esr-1~deb11u1
  • L
CVE-2024-5688

<115.12.0esr-1~deb11u1
  • L
CVE-2024-5700

<115.12.0esr-1~deb11u1
  • M
Information Exposure

<115.12.0esr-1~deb11u1
  • L
CVE-2024-4770

<115.11.0esr-1~deb11u1
  • L
CVE-2024-4367

<115.11.0esr-1~deb11u1
  • L
CVE-2024-4767

<115.11.0esr-1~deb11u1
  • L
CVE-2024-4777

<115.11.0esr-1~deb11u1
  • L
CVE-2024-4769

<115.11.0esr-1~deb11u1
  • L
CVE-2024-4768

<115.11.0esr-1~deb11u1
  • L
CVE-2024-3854

<115.10.0esr-1~deb11u1
  • L
CVE-2024-3861

<115.10.0esr-1~deb11u1
  • L
CVE-2024-3859

<115.10.0esr-1~deb11u1
  • L
CVE-2024-3864

<115.10.0esr-1~deb11u1
  • L
CVE-2024-3857

<115.10.0esr-1~deb11u1
  • L
CVE-2024-3852

<115.10.0esr-1~deb11u1
  • L
CVE-2024-2609

<115.10.0esr-1~deb11u1
  • L
CVE-2024-3302

<115.10.0esr-1~deb11u1
  • L
CVE-2024-29944

<115.9.1esr-1~deb11u1
  • L
CVE-2024-2610

<115.9.0esr-1~deb11u1
  • H
Unchecked Return Value

<115.9.0esr-1~deb11u1
  • L
CVE-2023-5388

<115.9.0esr-1~deb11u1
  • L
CVE-2024-2607

<115.9.0esr-1~deb11u1
  • L
CVE-2024-2616

<115.9.0esr-1~deb11u1
  • L
CVE-2024-2612

<115.9.0esr-1~deb11u1
  • L
CVE-2024-2614

<115.9.0esr-1~deb11u1
  • L
CVE-2024-2611

<115.9.0esr-1~deb11u1
  • L
CVE-2024-2608

<115.9.0esr-1~deb11u1
  • L
CVE-2024-1551

<115.8.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<115.8.0esr-1~deb11u1
  • M
CVE-2024-1547

<115.8.0esr-1~deb11u1
  • H
Incorrect Conversion between Numeric Types

<115.8.0esr-1~deb11u1
  • L
CVE-2024-1548

<115.8.0esr-1~deb11u1
  • L
CVE-2024-1549

<115.8.0esr-1~deb11u1
  • L
CVE-2024-1546

<115.8.0esr-1~deb11u1
  • L
CVE-2024-1553

<115.8.0esr-1~deb11u1
  • M
Origin Validation Error

<115.7.0esr-1~deb11u1
  • M
CVE-2024-0746

<115.7.0esr-1~deb11u1
  • H
CVE-2024-0755

<115.7.0esr-1~deb11u1
  • H
Improper Privilege Management

<115.7.0esr-1~deb11u1
  • M
Out-of-bounds Write

<115.7.0esr-1~deb11u1
  • H
CVE-2024-0750

<115.7.0esr-1~deb11u1
  • M
CVE-2024-0753

<115.7.0esr-1~deb11u1
  • M
CVE-2024-0742

<115.7.0esr-1~deb11u1
  • M
CVE-2024-0747

<115.7.0esr-1~deb11u1
  • H
Out-of-bounds Write

<115.6.0esr-1~deb11u1
  • H
CVE-2023-6863

<115.6.0esr-1~deb11u1
  • M
CVE-2023-6865

<115.6.0esr-1~deb11u1
  • H
Out-of-bounds Write

<115.6.0esr-1~deb11u1
  • H
Use After Free

<115.6.0esr-1~deb11u1
  • M
CVE-2023-6860

<115.6.0esr-1~deb11u1
  • H
Out-of-bounds Write

<115.6.0esr-1~deb11u1
  • H
Out-of-bounds Write

<115.6.0esr-1~deb11u1
  • H
Use After Free

<115.6.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<115.6.0esr-1~deb11u1
  • M
Race Condition

<115.6.0esr-1~deb11u1
  • M
Use After Free

<115.5.0esr-1~deb11u1
  • M
Directory Traversal

<115.5.0esr-1~deb11u1
  • M
Out-of-bounds Read

<115.5.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<115.5.0esr-1~deb11u1
  • H
CVE-2023-6208

<115.5.0esr-1~deb11u1
  • H
Out-of-bounds Write

<115.5.0esr-1~deb11u1
  • H
Use After Free

<115.5.0esr-1~deb11u1
  • M
CVE-2023-5732

<115.4.0esr-1~deb11u1
  • M
CVE-2023-5725

<115.4.0esr-1~deb11u1
  • H
CVE-2023-5728

<115.4.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<115.4.0esr-1~deb11u1
  • H
CVE-2023-5724

<115.4.0esr-1~deb11u1
  • C
Out-of-bounds Write

<115.4.0esr-1~deb11u1
  • H
Out-of-bounds Write

<115.3.1esr-1~deb11u1
  • M
Use After Free

<115.3.0esr-1~deb11u1
  • C
Out-of-bounds Write

<115.3.0esr-1~deb11u1
  • M
Out-of-bounds Write

<115.3.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.15.1esr-1~deb11u1
  • M
CVE-2023-4581

<102.15.0esr-1~deb11u1
  • M
Use After Free

<102.15.0esr-1~deb11u1
  • M
Use After Free

<102.15.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.15.0esr-1~deb11u1
  • M
Use After Free

<102.15.0esr-1~deb11u1
  • M
Origin Validation Error

<102.14.0esr-1~deb11u1
  • H
CVE-2023-4047

<102.14.0esr-1~deb11u1
  • M
Race Condition

<102.14.0esr-1~deb11u1
  • H
Out-of-bounds Read

<102.14.0esr-1~deb11u1
  • M
CVE-2023-4046

<102.14.0esr-1~deb11u1
  • C
Out-of-bounds Write

<102.14.0esr-1~deb11u1
  • H
CVE-2023-4055

<102.14.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.14.0esr-1~deb11u1
  • H
Use After Free

<102.13.0esr-1~deb11u1
  • H
Use After Free

<102.13.0esr-1~deb11u1
  • H
CVE-2023-37208

<102.13.0esr-1~deb11u1
  • M
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<102.13.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.13.0esr-1~deb11u1
  • C
Out-of-bounds Write

<102.12.0esr-1~deb11u1
  • L
Improper Certificate Validation

<102.12.0esr-1~deb11u1
  • H
Authentication Bypass

<102.11.0esr-1~deb11u1
  • M
Out-of-bounds Read

<102.11.0esr-1~deb11u1
  • M
CVE-2023-32211

<102.11.0esr-1~deb11u1
  • M
CVE-2023-32205

<102.11.0esr-1~deb11u1
  • H
Use of Uninitialized Resource

<102.11.0esr-1~deb11u1
  • M
CVE-2023-32212

<102.11.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.11.0esr-1~deb11u1
  • H
Double Free

<102.10.0esr-1~deb11u1
  • M
Out-of-bounds Write

<102.10.0esr-1~deb11u1
  • H
Improper Encoding or Escaping of Output

<102.10.0esr-1~deb11u1
  • H
CVE-2023-29550

<102.10.0esr-1~deb11u1
  • M
CVE-2023-29548

<102.10.0esr-1~deb11u1
  • H
Use After Free

<102.10.0esr-1~deb11u1
  • M
CVE-2023-29535

<102.10.0esr-1~deb11u1
  • H
NULL Pointer Dereference

<102.10.0esr-1~deb11u1
  • M
CVE-2023-29533

<102.10.0esr-1~deb11u1
  • M
CVE-2023-25751

<102.9.0esr-1~deb11u1
  • M
CVE-2023-25752

<102.9.0esr-1~deb11u1
  • M
CVE-2023-28164

<102.9.0esr-1~deb11u1
  • H
Incorrect Type Conversion or Cast

<102.9.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.9.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.8.0esr-1~deb11u1
  • M
CVE-2023-25742

<102.8.0esr-1~deb11u1
  • H
Use After Free

<102.8.0esr-1~deb11u1
  • H
CVE-2023-25737

<102.8.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.8.0esr-1~deb11u1
  • M
CVE-2023-25728

<102.8.0esr-1~deb11u1
  • H
CVE-2023-25729

<102.8.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.8.0esr-1~deb11u1
  • M
CVE-2023-25730

<102.8.0esr-1~deb11u1
  • H
CVE-2023-0767

<102.8.0esr-1~deb11u1
  • H
Use After Free

<102.8.0esr-1~deb11u1
  • M
Origin Validation Error

<102.7.0esr-1~deb11u1
  • M
CVE-2023-23603

<102.7.0esr-1~deb11u1
  • M
Improper Check for Unusual or Exceptional Conditions

<102.7.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.7.0esr-1~deb11u1
  • M
CVE-2023-23598

<102.7.0esr-1~deb11u1
  • C
CVE-2021-4127

<78.9.0esr-1
  • C
Out-of-bounds Write

<91.4.1esr-1~deb11u1
  • M
Out-of-bounds Read

<102.3.0esr-1~deb11u1
  • M
Use After Free

<102.6.0esr-1~deb11u1
  • C
Use After Free

<102.6.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.6.0esr-1~deb11u1
  • H
CVE-2022-46871

<102.7.0esr-1~deb11u1
  • H
CVE-2022-46874

<102.6.0esr-1~deb11u1
  • H
CVE-2022-46872

<102.6.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.6.0esr-1~deb11u1
  • M
CVE-2022-46877

<102.7.0esr-1~deb11u1
  • M
CVE-2022-45408

<102.5.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<102.5.0esr-1~deb11u1
  • M
CVE-2022-45410

<102.5.0esr-1~deb11u1
  • H
Use After Free

<102.5.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<102.5.0esr-1~deb11u1
  • H
Link Following

<102.5.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.5.0esr-1~deb11u1
  • M
CVE-2022-45404

<102.5.0esr-1~deb11u1
  • M
Cross-site Scripting (XSS)

<102.5.0esr-1~deb11u1
  • M
Information Exposure

<102.5.0esr-1~deb11u1
  • C
Use After Free

<102.5.0esr-1~deb11u1
  • M
Use After Free

<102.5.0esr-1~deb11u1
  • M
Information Exposure

<102.5.0esr-1~deb11u1
  • H
Origin Validation Error

<102.4.0esr-1~deb11u1
  • H
NULL Pointer Dereference

<102.4.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.4.0esr-1~deb11u1
  • M
CVE-2022-42929

<102.4.0esr-1~deb11u1
  • M
Arbitrary Code Injection

<102.3.0esr-1~deb11u1
  • M
CVE-2022-40957

<102.3.0esr-1~deb11u1
  • M
Cross-site Scripting (XSS)

<102.3.0esr-1~deb11u1
  • M
Use After Free

<102.3.0esr-1~deb11u1
  • M
Insecure Storage of Sensitive Information

<102.3.0esr-1~deb11u1
  • H
Out-of-bounds Write

<102.3.0esr-1~deb11u1
  • H
Improper Preservation of Permissions

<91.13.0esr-1~deb11u1
  • M
Origin Validation Error

<91.13.0esr-1~deb11u1
  • H
Out-of-bounds Write

<91.13.0esr-1~deb11u1
  • H
CVE-2022-36319

<91.12.0esr-1~deb11u1
  • M
Race Condition

<91.12.0esr-1~deb11u1
  • M
CVE-2022-34472

<91.11.0esr-1~deb11u1
  • H
CVE-2022-34468

<91.11.0esr-1~deb11u1
  • M
CVE-2022-34479

<91.11.0esr-1~deb11u1
  • C
Use After Free

<91.11.0esr-1~deb11u1
  • H
Integer Overflow or Wraparound

<91.11.0esr-1~deb11u1
  • H
Use After Free

<91.11.0esr-1~deb11u1
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<91.11.0esr-1~deb11u1
  • M
CVE-2022-31742

<91.10.0esr-1~deb11u1
  • M
Cross-site Scripting (XSS)

<91.11.0esr-1~deb11u1
  • C
CVE-2022-31736

<91.10.0esr-1~deb11u1
  • C
Out-of-bounds Write

<91.10.0esr-1~deb11u1
  • H
Use of Uninitialized Resource

<91.10.0esr-1~deb11u1
  • M
Authentication Bypass

<91.10.0esr-1~deb11u1
  • C
Out-of-bounds Read

<91.10.0esr-1~deb11u1
  • H
CVE-2022-31740

<91.10.0esr-1~deb11u1
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<91.9.1esr-1~deb11u1
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<91.9.1esr-1~deb11u1
  • H
Incorrect Default Permissions

<91.9.0esr-1~deb11u1
  • C
Out-of-bounds Write

<91.9.0esr-1~deb11u1
  • M
Open Redirect

<91.9.0esr-1~deb11u1
  • M
CVE-2022-29914

<91.9.0esr-1~deb11u1
  • M
CVE-2022-29916

<91.9.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<91.9.0esr-1~deb11u1
  • M
Use After Free

<91.8.0esr-1~deb11u1
  • M
Out-of-bounds Read

<91.8.0esr-1~deb11u1
  • M
Use After Free

<91.8.0esr-1~deb11u1
  • M
Use After Free

<91.8.0esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<91.8.0esr-1~deb11u1
  • H
Out-of-bounds Write

<91.8.0esr-1~deb11u1
  • H
Out-of-bounds Write

<91.8.0esr-1~deb11u1
  • H
Inefficient Regular Expression Complexity

<91.8.0esr-1~deb11u1
  • M
CVE-2022-26386

<91.7.0esr-1~deb11u1
  • H
Time-of-check Time-of-use (TOCTOU)

<91.7.0esr-1~deb11u1
  • C
CVE-2022-26384

<91.7.0esr-1~deb11u1
  • M
CVE-2022-26383

<91.7.0esr-1~deb11u1
  • H
Use After Free

<91.7.0esr-1~deb11u1
  • C
Use After Free

<91.6.1esr-1~deb11u1
  • H
Use After Free

<91.6.1esr-1~deb11u1
  • H
CVE-2022-22763

<91.6.0esr-1~deb11u1
  • C
CVE-2022-22759

<91.6.0esr-1~deb11u1
  • H
Out-of-bounds Write

<91.6.0esr-1~deb11u1
  • M
Information Exposure

<91.6.0esr-1~deb11u1
  • H
CVE-2022-22761

<91.6.0esr-1~deb11u1
  • M
Incorrect Authorization

<91.6.0esr-1~deb11u1
  • H
CVE-2022-22756

<91.6.0esr-1~deb11u1
  • H
Out-of-bounds Write

<91.5.0esr-1~deb11u1
  • M
CVE-2022-22743

<91.5.0esr-1~deb11u1
  • M
Out-of-bounds Read

<91.5.0esr-1~deb11u1
  • M
Improper Certificate Validation

<91.5.0esr-1~deb11u1
  • H
CVE-2022-22741

<91.5.0esr-1~deb11u1
  • H
Use After Free

<91.5.0esr-1~deb11u1
  • C
XML Injection

<91.5.0esr-1~deb11u1
  • M
CVE-2022-22739

<91.5.0esr-1~deb11u1
  • H
Out-of-bounds Write

<91.5.0esr-1~deb11u1
  • M
CVE-2022-22745

<91.5.0esr-1~deb11u1
  • M
CVE-2022-22748

<91.5.0esr-1~deb11u1
  • H
Race Condition

<91.5.0esr-1~deb11u1
  • H
Use After Free

<91.4.1esr-1~deb11u1
  • H
Out-of-bounds Write

<91.4.1esr-1~deb11u1
  • H
Use After Free

<91.4.1esr-1~deb11u1
  • M
Information Exposure

<91.4.1esr-1~deb11u1
  • M
Race Condition

<91.4.1esr-1~deb11u1
  • M
CVE-2021-43541

<91.4.1esr-1~deb11u1
  • M
Excessive Iteration

<91.4.1esr-1~deb11u1
  • M
Cross-site Scripting (XSS)

<91.4.1esr-1~deb11u1
  • H
Incorrect Type Conversion or Cast

<91.4.1esr-1~deb11u1
  • M
Information Exposure

<91.4.1esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<91.4.1esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<91.4.1esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<91.4.1esr-1~deb11u1
  • H
Use After Free

<91.4.1esr-1~deb11u1
  • M
Origin Validation Error

<91.4.1esr-1~deb11u1
  • M
Improper Restriction of Rendered UI Layers or Frames

<91.4.1esr-1~deb11u1
  • C
Incorrect Authorization

<91.4.1esr-1~deb11u1
  • H
CVE-2021-38500

<78.15.0esr-1~deb11u1
  • H
Use After Free

<78.15.0esr-1~deb11u1
  • H
Out-of-bounds Write

<78.14.0esr-1~deb11u1
  • H
Race Condition

<78.13.0esr-1~deb11u1
  • H
Missing Initialization of Resource

<78.13.0esr-1~deb11u1
  • H
Interpretation Conflict

<78.13.0esr-1~deb11u1
  • H
Out-of-Bounds

<78.13.0esr-1~deb11u1
  • H
Use After Free

<78.13.0esr-1~deb11u1
  • H
CVE-2021-29984

<78.13.0esr-1~deb11u1
  • H
Use After Free

<78.12.0esr-1
  • H
Out-of-bounds Write

<78.12.0esr-1
  • M
Arbitrary Code Injection

<78.9.0esr-1
  • H
Out-of-bounds Write

<78.12.0esr-1
  • H
Out-of-Bounds

<78.11.0esr-1
  • H
Missing Initialization of Resource

<78.10.0esr-1
  • H
Operation on a Resource after Expiration or Release

<78.10.0esr-1
  • H
Arbitrary Argument Injection

<78.10.0esr-1
  • M
Incorrect Calculation

<78.10.0esr-1
  • H
Integer Overflow or Wraparound

<78.10.0esr-1
  • H
Improper Privilege Management

<78.10.0esr-1
  • M
Insufficient Verification of Data Authenticity

<78.10.0esr-1
  • M
Authentication Bypass

<78.9.0esr-1
  • H
Out-of-Bounds

<78.9.0esr-1
  • M
Inadequate Encryption Strength

<78.9.0esr-1
  • H
Out-of-Bounds

<78.9.0esr-1
  • H
CVE-2021-23978

<78.8.0esr-1
  • M
Information Exposure

<78.8.0esr-1
  • M
Information Exposure

<78.8.0esr-1
  • M
CVE-2021-23969

<78.8.0esr-1
  • H
Out-of-Bounds

<78.7.0esr-1
  • H
CVE-2021-23960

<78.7.0esr-1
  • H
CVE-2021-23961

<78.10.0esr-1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<78.7.0esr-1
  • M
CVE-2021-23953

<78.7.0esr-1
  • H
Use After Free

<78.6.1esr-1
  • H
Out-of-bounds Write

<78.6.0esr-1
  • H
Out-of-bounds Write

<78.6.0esr-1
  • H
CVE-2020-26973

<78.6.0esr-1
  • M
CVE-2020-35111

<78.6.0esr-1
  • H
Out-of-bounds Write

<78.6.0esr-1
  • M
CVE-2020-26976

<78.7.0esr-1
  • M
CVE-2020-26978

<78.6.0esr-1
  • M
Information Exposure

<78.6.0esr-1
  • H
Out-of-bounds Write

<78.5.0esr-1
  • H
Use After Free

<78.5.0esr-1
  • M
CVE-2020-26961

<78.5.0esr-1
  • H
Use After Free

<78.5.0esr-1
  • M
Improper Cross-boundary Removal of Sensitive Data

<78.5.0esr-1
  • M
Cross-site Scripting (XSS)

<78.5.0esr-1
  • M
Improper Restriction of Rendered UI Layers or Frames

<78.5.0esr-1
  • M
Cross-site Scripting (XSS)

<78.5.0esr-1
  • M
Cross-site Scripting (XSS)

<78.5.0esr-1
  • M
CVE-2020-16012

<78.5.0esr-1
  • H
Use After Free

<78.4.1esr-1
  • C
CVE-2020-15683

<78.4.0esr-1
  • H
Use After Free

<78.4.0esr-1
  • M
Cross-site Scripting (XSS)

<78.3.0esr-1
  • H
Use After Free

<78.3.0esr-1
  • M
Open Redirect

<78.3.0esr-1
  • H
Release of Invalid Pointer or Reference

<78.3.0esr-1
  • H
Use After Free

<68.12.0esr-1
  • M
Incorrect Authorization

<68.12.0esr-1
  • M
Origin Validation Error

<68.11.0esr-1
  • H
Out-of-bounds Write

<68.11.0esr-1
  • M
CVE-2020-6514

<68.11.0esr-1
  • M
Out-of-bounds Read

<68.10.0esr-1
  • H
Out-of-Bounds

<68.10.0esr-1
  • H
Use After Free

<68.10.0esr-1
  • M
Improper Certificate Validation

<68.10.0esr-1
  • H
Use After Free

<68.10.0esr-1
  • H
Out-of-Bounds

<68.9.0esr-1
  • H
Insufficient Verification of Data Authenticity

<68.9.0esr-1
  • M
Use After Free

<68.9.0esr-1
  • H
Use After Free

<68.11.0esr-1
  • M
Information Exposure

<68.9.0esr-1
  • H
Race Condition

<68.8.0esr-1
  • C
Buffer Overflow

<68.8.0esr-1
  • M
Information Exposure

<68.8.0esr-1
  • C
Out-of-Bounds

<68.8.0esr-1
  • H
Out-of-Bounds

<68.7.0esr-1
  • C
Out-of-Bounds

<68.7.0esr-1
  • H
Out-of-bounds Write

<68.7.0esr-1
  • H
Use After Free

<68.6.1esr-1
  • H
Double Free

<68.6.1esr-1
  • M
Information Exposure

<68.6.0esr-1
  • H
Use After Free

<68.6.0esr-1
  • H
Use After Free

<68.6.0esr-1
  • H
Arbitrary Code Injection

<68.6.0esr-1
  • H
Out-of-bounds Read

<68.6.0esr-1
  • C
Out-of-Bounds

<68.6.0esr-1
  • M
Out-of-bounds Read

<68.6.0esr-1
  • M
Cross-site Scripting (XSS)

<68.5.0esr-1
  • H
Out-of-Bounds

<68.5.0esr-1
  • H
Out-of-bounds Write

<68.5.0esr-1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<68.4.1esr-1
  • H
Buffer Overflow

<68.4.0esr-1
  • M
Cross-site Scripting (XSS)

<68.4.0esr-1
  • M
Cross-site Scripting (XSS)

<68.4.0esr-1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<68.4.0esr-1
  • H
Use After Free

<68.3.0esr-1
  • H
Use After Free

<68.3.0esr-1
  • H
Use After Free

<68.3.0esr-1
  • H
Buffer Overflow

<68.3.0esr-1
  • H
Buffer Overflow

<68.3.0esr-1
  • M
Origin Validation Error

<68.2.0esr-1
  • M
Race Condition

<68.2.0esr-1
  • M
Cross-site Scripting (XSS)

<68.2.0esr-1
  • H
Use After Free

<68.2.0esr-1
  • H
Out-of-bounds Write

<68.2.0esr-1
  • H
Use After Free

<68.2.0esr-1
  • H
Buffer Overflow

<68.2.0esr-1
  • H
Out-of-bounds Read

<68.2.0esr-1
  • M
Improper Initialization

<68.1.0esr-1
  • H
Buffer Overflow

<68.1.0esr-1
  • L
Information Exposure

<68.1.0esr-1
  • H
Out-of-Bounds

<68.1.0esr-1
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<68.1.0esr-1
  • H
Use After Free

<68.1.0esr-1
  • H
Use After Free

<68.1.0esr-1
  • M
Incorrect Default Permissions

<68.1.0esr-1
  • C
Improper Input Validation

<68.1.0esr-1
  • M
Improper Preservation of Permissions

<68.1.0esr-1
  • M
Inclusion of Functionality from Untrusted Control Sphere

<68.1.0esr-1
  • M
CVE-2019-11749

<68.1.0esr-1
  • M
Cross-site Scripting (XSS)

<68.1.0esr-1
  • H
Arbitrary Code Injection

<60.8.0esr-1
  • L
Out-of-Bounds

<60.8.0esr-1
  • C
Use After Free

<60.8.0esr-1
  • H
Cross-site Request Forgery (CSRF)

<60.8.0esr-1
  • M
Cross-site Scripting (XSS)

<60.8.0esr-1
  • M
CVE-2019-11730

<60.8.0esr-1
  • M
Improper Encoding or Escaping of Output

<60.8.0esr-1
  • L
Out-of-bounds Read

<60.8.0esr-1
  • C
Out-of-Bounds

<60.8.0esr-1
  • H
CVE-2019-11711

<60.8.0esr-1
  • L
Information Exposure

<68.2.0esr-1
  • C
Improper Input Validation

<60.7.2esr-1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<60.7.1esr-1
  • L
Information Exposure

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<60.7.0esr-1
  • M
Origin Validation Error

<60.7.0esr-1
  • C
Out-of-Bounds

<60.7.0esr-1
  • C
Use After Free

<60.7.0esr-1
  • C
Use After Free

<60.7.0esr-1
  • C
Out-of-Bounds

<60.7.0esr-1
  • C
Improper Input Validation

<60.7.0esr-1
  • C
Use After Free

<60.7.0esr-1
  • M
Improper Input Validation

<60.7.0esr-1
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<60.6.1esr-1
  • H
Out-of-Bounds

<60.6.1esr-1
  • C
Out-of-Bounds

<60.6.0esr-1
  • C
Reachable Assertion

<60.6.0esr-1
  • M
Out-of-Bounds

<60.6.0esr-1
  • C
Out-of-Bounds

<60.6.0esr-1
  • C
Use After Free

<60.6.0esr-1
  • C
Use After Free

<60.6.0esr-1
  • C
Improper Input Validation

<60.6.0esr-1
  • M
Origin Validation Error

<60.7.0esr-1
  • M
Out-of-bounds Read

<60.7.0esr-1
  • M
Origin Validation Error

<60.2.0esr-1
  • M
Information Exposure

<60.7.0esr-1
  • M
Out-of-bounds Write

<60.5.1esr-1
  • M
Use After Free

<60.7.0esr-1
  • C
Out-of-Bounds

<60.5.0esr-1
  • C
Improper Authentication

<60.5.0esr-1
  • C
Use After Free

<60.5.0esr-1
  • M
CVE-2018-18506

<60.6.0esr-1
  • C
Out-of-Bounds

<60.4.0esr-1
  • C
Use After Free

<60.4.0esr-1
  • C
Out-of-bounds Write

<60.4.0esr-1
  • C
Out-of-Bounds

<60.4.0esr-1
  • M
Origin Validation Error

<60.4.0esr-1
  • H
Out-of-bounds Write

<60.5.1esr-1
  • H
CVE-2018-12395

<60.3.0esr-1
  • M
Incorrect Permission Assignment for Critical Resource

<60.3.0esr-1
  • H
Information Exposure

<60.3.0esr-1
  • C
Out-of-Bounds

<60.3.0esr-1
  • H
Out-of-Bounds

<60.3.0esr-1
  • H
Out-of-bounds Write

<60.3.0esr-1
  • C
CVE-2018-12392

<60.3.0esr-1
  • H
Out-of-bounds Read

<60.4.0esr-1
  • H
Improper Input Validation

<60.2.1esr-1
  • C
Improper Input Validation

<60.2.2esr-1
  • H
Incorrect Type Conversion or Cast

<60.2.2esr-1
  • M
Insufficiently Protected Credentials

<60.2.1esr-1
  • C
Use After Free

<60.2.0esr-1
  • L
Out-of-bounds Write

<60.2.0esr-1
  • C
Out-of-Bounds

<60.2.0esr-1
  • C
Use After Free

<60.2.0esr-1
  • H
Cross-site Request Forgery (CSRF)

<52.9.0esr-1
  • H
Use After Free

<52.9.0esr-1
  • H
Use After Free

<52.9.0esr-1
  • M
Out-of-bounds Read

<52.9.0esr-1
  • H
Out-of-Bounds

<52.9.0esr-1
  • H
Integer Overflow or Wraparound

<52.9.0esr-1
  • M
Information Exposure

<52.9.0esr-1
  • C
Out-of-Bounds

<52.9.0esr-1
  • C
Improper Input Validation

<52.9.0esr-1
  • H
Out-of-Bounds

<52.2.0esr-1
  • H
Out-of-Bounds

<52.2.0esr-1
  • H
Out-of-bounds Read

<52.2.0esr-1
  • C
Out-of-bounds Read

<52.2.0esr-1
  • H
Out-of-bounds Write

<52.8.1esr-1
  • H
Out-of-bounds Read

<52.2.0esr-1
  • H
Out-of-Bounds

<52.2.0esr-1
  • C
Out-of-Bounds

<45.9.0esr-1
  • C
Use After Free

<52.5.0esr-1
  • H
Improper Access Control

<45.6.0esr-1
  • C
Use After Free

<52.6.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • H
Out-of-bounds Write

<45.9.0esr-1
  • H
Improper Privilege Management

<52.3.0esr-1
  • C
Use After Free

<45.6.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • C
Use After Free

<45.6.0esr-1
  • C
Out-of-Bounds

<45.7.0esr-1
  • C
Use After Free

<52.2.0esr-1
  • C
Out-of-Bounds

<45.6.0esr-1
  • C
Use After Free

<52.2.0esr-1
  • C
Out-of-Bounds

<52.2.0esr-1
  • M
Improper Input Validation

<45.5.0esr-1
  • H
Arbitrary Code Injection

<52.8.0esr-1
  • M
CVE-2018-5168

<52.8.0esr-1
  • C
Use After Free

<52.6.0esr-1
  • C
Use After Free

<45.8.0esr-1
  • H
Use After Free

<45.5.1esr-1
  • H
Out-of-bounds Write

<52.7.0esr-1
  • H
CVE-2017-5386

<45.7.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • C
Use After Free

<45.7.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • M
Information Exposure

<52.7.0esr-1
  • H
Information Exposure

<52.8.0esr-1
  • H
Origin Validation Error

<45.6.0esr-1
  • H
Out-of-Bounds

<52.7.0esr-1
  • C
Integer Overflow or Wraparound

<52.6.0esr-1
  • C
Use After Free

<52.6.0esr-1
  • C
Use After Free

<52.7.3esr-1
  • H
Out-of-bounds Write

<45.9.0esr-1
  • C
Out-of-bounds Read

<45.9.0esr-1
  • H
Information Exposure

<45.7.0esr-1
  • C
Out-of-Bounds

<45.9.0esr-1
  • C
Out-of-Bounds

<52.2.0esr-1
  • M
Information Exposure

<45.8.0esr-1
  • C
Out-of-Bounds

<45.7.0esr-1
  • C
Out-of-Bounds

<52.3.0esr-1
  • C
Out-of-Bounds

<52.5.0esr-1
  • M
Improper Input Validation

<45.7.0esr-1
  • C
Out-of-Bounds

<52.3.0esr-1
  • C
Out-of-Bounds

<45.8.0esr-1
  • H
Out-of-Bounds

<45.9.0esr-1
  • H
Out-of-Bounds

<45.5.0esr-1
  • M
Information Exposure

<45.5.0esr-1
  • C
Improper Input Validation

<45.6.0esr-1
  • C
Out-of-bounds Read

<45.9.0esr-1
  • C
Out-of-Bounds

<45.9.0esr-1
  • H
Improper Validation of Array Index

<45.9.0esr-1
  • C
CVE-2017-5390

<45.7.0esr-1
  • C
Use After Free

<45.7.0esr-1
  • H
Information Exposure

<52.5.2esr-1
  • H
Information Exposure

<52.3.0esr-1
  • C
Out-of-Bounds

<52.3.0esr-1
  • C
Use After Free

<52.3.0esr-1
  • C
Use After Free

<52.2.0esr-1
  • C
Use After Free

<52.2.0esr-1
  • H
Improper Input Validation

<52.4.0esr-2
  • C
Use After Free

<52.3.0esr-1
  • H
Use After Free

<52.2.0esr-1
  • H
Improper Input Validation

<52.3.0esr-1
  • M
Improper Input Validation

<52.3.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • H
Arbitrary Code Injection

<52.3.0esr-1
  • C
Use After Free

<52.6.0esr-1
  • C
Use After Free

<52.6.0esr-1
  • M
CVE-2017-7830

<52.5.0esr-1
  • H
Security Features

<45.6.0esr-1
  • C
Out-of-bounds Read

<52.2.0esr-1
  • C
Out-of-Bounds

<45.8.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • C
Use After Free

<52.2.0esr-1
  • M
Incorrect Calculation

<45.9.0esr-1
  • C
Out-of-Bounds

<52.4.0esr-2
  • C
Use After Free

<52.6.0esr-1
  • C
Out-of-Bounds

<45.8.0esr-1
  • M
Information Exposure

<45.8.0esr-1
  • C
Out-of-Bounds

<52.6.0esr-1
  • M
CVE-2018-5117

<52.6.0esr-1
  • C
Out-of-bounds Write

<52.8.0esr-1
  • H
Out-of-bounds Read

<52.2.0esr-1
  • C
Use After Free

<52.2.0esr-1
  • C
Use After Free

<45.7.0esr-1
  • H
Out-of-bounds Write

<52.7.2esr-1
  • C
Use After Free

<52.6.0esr-1
  • H
Out-of-Bounds

<52.7.0esr-1
  • H
Out-of-Bounds

<52.8.0esr-1
  • C
Integer Overflow or Wraparound

<45.5.0esr-1
  • C
Use After Free

<52.8.0esr-1
  • H
Information Exposure

<45.6.0esr-1
  • C
Use After Free

<52.8.0esr-1
  • M
DEPRECATED: Use of Uninitialized Resource

<45.8.0esr-1
  • C
Out-of-bounds Read

<52.3.0esr-1
  • C
Out-of-Bounds

<45.9.0esr-1
  • C
Use After Free

<52.3.0esr-1
  • C
Use After Free

<45.8.0esr-1
  • C
Use After Free

<52.3.0esr-1
  • C
Use After Free

<52.4.0esr-2
  • C
Use After Free

<45.9.0esr-1
  • C
Out-of-bounds Write

<52.7.2esr-1
  • C
Out-of-Bounds

<52.8.0esr-1
  • M
Security Features

<45.6.0esr-1
  • C
Out-of-Bounds

<52.8.0esr-1
  • M
Cross-site Scripting (XSS)

<52.4.0esr-2
  • H
Use After Free

<52.4.0esr-2
  • H
Out-of-Bounds

<45.6.0esr-1
  • H
Out-of-Bounds

<45.5.0esr-1
  • M
Improper Input Validation

<52.2.0esr-1
  • C
Out-of-Bounds

<52.4.0esr-2
  • C
Use After Free

<45.9.0esr-1
  • C
Out-of-bounds Write

<45.9.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • C
Use After Free

<45.9.0esr-1
  • C
Out-of-Bounds

<52.3.0esr-1
  • C
Use After Free

<52.3.0esr-1
  • C
Use After Free

<52.4.0esr-2
  • C
Use After Free

<52.4.0esr-2
  • M
Improper Certificate Validation

<45.5.0esr-1
  • C
Out-of-Bounds

<45.5.0esr-1
  • C
Error Handling

<45.8.0esr-1
  • C
Use After Free

<52.6.0esr-1
  • H
Improper Input Validation

<52.7.0esr-1
  • H
Integer Overflow or Wraparound

<52.7.0esr-1
  • C
Out-of-Bounds

<52.7.0esr-1
  • L
Information Exposure

<60.2.0esr-1
  • C
Out-of-bounds Write

<45.9.0esr-1
  • H
Improper Input Validation

<45.4.0esr-1
  • C
Use After Free

<45.4.0esr-1
  • C
Use After Free

<45.4.0esr-1
  • C
Use After Free

<45.4.0esr-1
  • C
Out-of-Bounds

<45.4.0esr-1
  • C
Use After Free

<45.4.0esr-1
  • H
Improper Input Validation

<45.4.0esr-1
  • C
Use After Free

<45.4.0esr-1
  • H
Out-of-Bounds

<45.4.0esr-1
  • C
Out-of-Bounds

<45.4.0esr-1
  • H
Integer Overflow or Wraparound

<45.0esr-1
  • H
Use After Free

<45.3.0esr-1
  • M
Out-of-Bounds

<45.3.0esr-1
  • H
Out-of-Bounds

<45.3.0esr-1
  • H
Incorrect Type Conversion or Cast

<45.3.0esr-1
  • C
Use After Free

<45.3.0esr-1
  • H
Use After Free

<45.3.0esr-1
  • H
Out-of-Bounds

<45.3.0esr-1
  • M
Information Exposure

<45.4.0esr-1
  • H
Out-of-Bounds

<45.3.0esr-1
  • H
Integer Overflow or Wraparound

<45.4.0esr-1
  • M
Cross-site Scripting (XSS)

<45.3.0esr-1
  • M
Cross-site Scripting (XSS)

<45.3.0esr-1
  • M
Information Exposure

<45.3.0esr-1
  • H
Use After Free

<45.3.0esr-1
  • H
CVE-2016-2828

<45.2.0esr-1
  • M
Improper Access Control

<45.2.0esr-1
  • H
Security Features

<45.2.0esr-1
  • H
Out-of-Bounds

<45.2.0esr-1
  • H
CVE-2016-2821

<45.2.0esr-1
  • H
Out-of-Bounds

<45.2.0esr-1
  • H
Out-of-Bounds

<45.1.0esr-1
  • H
Out-of-Bounds

<45.1.0esr-1
  • H
Out-of-Bounds

<45.1.0esr-1
  • H
Out-of-Bounds

<45.1.0esr-1
  • H
Access Restriction Bypass

<45.0esr-1
  • M
Security Features

<45.0esr-1
  • M
Security Features

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Improper Data Handling

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Improper Data Handling

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
CVE-2016-1979

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
CVE-2016-1961

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
CVE-2016-1973

<45.0esr-1
  • M
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
CVE-2016-1964

<45.0esr-1
  • H
CVE-2016-1966

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Numeric Errors

<45.0esr-1
  • H
Access Restriction Bypass

<45.0esr-1
  • M
Resource Management Errors

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • M
Information Exposure

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
CVE-2016-1960

<45.0esr-1
  • M
Information Exposure

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • C
CVE-2016-1962

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Out-of-Bounds

<45.0esr-1
  • H
Access Restriction Bypass

<45.0esr-1
  • L
CVE-2007-0801

<45.0esr-1
  • H
CVE-2006-6498

<45.0esr-1
  • H
Security Features

<45.0esr-1
  • H
CVE-2006-6502

<45.0esr-1
  • H
Arbitrary Code Injection

<45.0esr-1
  • H
Access Restriction Bypass

<45.0esr-1
  • M
CVE-2006-6497

<45.0esr-1
  • H
CVE-2006-6499

<45.0esr-1
  • M
CVE-2006-6585

<45.0esr-1
  • H
CVE-2006-5463

<45.0esr-1
  • H
CVE-2006-5748

<45.0esr-1
  • H
CVE-2006-5747

<45.0esr-1
  • L
CVE-2006-5464

<45.0esr-1
  • H
CVE-2006-5462

<45.0esr-1
  • L
CVE-2006-5633

<45.0esr-1
  • M
Improper Input Validation

<45.0esr-1
  • L
CVE-2006-2723

<45.0esr-1