Homepage

xulrunner vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the xulrunner package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Incorrect Calculation

*
  • M
Integer Overflow or Wraparound

*
  • M
Heap-based Buffer Overflow

*
  • C
Out-of-Bounds

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
CVE-2013-5590

<0:17.0.10-1.el6_4
  • C
Out-of-Bounds

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
Use After Free

<0:17.0.10-1.el6_4
  • C
Out-of-Bounds

<0:17.0.10-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Cross-site Scripting (XSS)

<0:17.0.8-3.el6_4
  • C
Access Restriction Bypass

<0:17.0.8-3.el6_4
  • C
CVE-2013-1701

<0:17.0.8-3.el6_4
  • C
Cross-site Scripting (XSS)

<0:17.0.8-3.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.9-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Out-of-Bounds

<0:17.0.9-1.el6_4
  • C
Use After Free

<0:17.0.9-1.el6_4
  • C
Improper Input Validation

<0:17.0.9-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.8-3.el6_4
  • C
Access Restriction Bypass

<0:17.0.8-3.el6_4
  • C
Access Restriction Bypass

<0:17.0.7-1.el6_4
  • C
Out-of-Bounds

<0:17.0.7-1.el6_4
  • C
Improper Input Validation

<0:17.0.7-1.el6_4
  • C
CVE-2013-1682

<0:17.0.7-1.el6_4
  • C
Cross-site Request Forgery (CSRF)

<0:17.0.7-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.7-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.7-1.el6_4
  • C
Resource Management Errors

<0:17.0.7-1.el6_4
  • C
Resource Management Errors

<0:17.0.7-1.el6_4
  • C
Resource Management Errors

<0:17.0.7-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.6-2.el6_4
  • C
Resource Management Errors

<0:17.0.6-2.el6_4
  • C
Resource Management Errors

<0:17.0.6-2.el6_4
  • C
Resource Management Errors

<0:17.0.6-2.el6_4
  • C
Missing Initialization of a Variable

<0:17.0.6-2.el6_4
  • C
CVE-2013-0801

<0:17.0.6-2.el6_4
  • C
Use After Free

<0:17.0.6-2.el6_4
  • C
Out-of-Bounds

<0:17.0.6-2.el6_4
  • C
Out-of-Bounds

<0:17.0.6-2.el6_4
  • C
Out-of-Bounds

<0:17.0.6-2.el6_4
  • C
CVE-2013-0788

<0:17.0.5-1.el6_4
  • C
Out-of-bounds Write

<0:17.0.5-1.el6_4
  • C
CVE-2013-0796

<0:17.0.5-1.el6_4
  • C
Access Restriction Bypass

<0:17.0.5-1.el6_4
  • C
Cross-site Scripting (XSS)

<0:17.0.5-1.el6_4
  • C
Use After Free

<0:17.0.3-2.el6_4
  • C
CVE-2013-0783

<0:17.0.3-1.el6_3
  • C
Out-of-bounds Read

<0:17.0.3-1.el6_3
  • C
Improper Certificate Validation

<0:17.0.3-1.el6_3
  • C
Use After Free

<0:17.0.3-1.el6_3
  • C
Out-of-bounds Read

<0:17.0.3-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Improper Authentication

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
CVE-2013-0769

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.11-1.el6_3
  • C
CVE-2013-0746

<0:10.0.12-1.el6_3
  • C
Integer Overflow or Wraparound

<0:10.0.12-1.el6_3
  • C
Arbitrary Code Injection

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.12-1.el6_3
  • C
Information Exposure

<0:10.0.12-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Out-of-bounds Write

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
CVE-2012-5842

<0:10.0.11-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.11-1.el6_3
  • C
Use After Free

<0:10.0.11-1.el6_3
  • C
Arbitrary Code Injection

<0:10.0.10-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.10-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.10-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
Improper Input Validation

<0:10.0.8-1.el6_3
  • C
Improper Privilege Management

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
CVE-2012-3982

<0:10.0.8-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Information Exposure

<0:10.0.7-1.el6_3
  • C
Origin Validation Error

<0:10.0.8-2.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.8-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.8-1.el6_3
  • C
Out-of-Bounds

<0:10.0.8-1.el6_3
  • C
Use After Free

<0:10.0.8-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Arbitrary Code Injection

<0:10.0.7-1.el6_3
  • C
Out-of-bounds Read

<0:10.0.8-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.6-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.6-1.el6_3
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
CVE-2012-1967

<0:10.0.6-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
CVE-2012-1964

<0:10.0.6-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Out-of-Bounds

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Use After Free

<0:10.0.7-1.el6_3
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.6-1.el6_3
  • C
Cross-site Scripting (XSS)

<0:10.0.6-1.el6_3
  • C
Out-of-Bounds

<0:10.0.6-1.el6_3
  • C
Use After Free

<0:10.0.6-1.el6_3
  • C
CVE-2012-1948

<0:10.0.6-1.el6_3
  • C
CVE-2012-1950

<0:10.0.6-1.el6_3
  • C
CVE-2012-1955

<0:10.0.6-1.el6_3
  • C
Improper Input Validation

<0:10.0.6-1.el6_3
  • C
Resource Management Errors

<0:10.0.6-1.el6_3
  • C
Access Restriction Bypass

<0:10.0.6-1.el6_3
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
CVE-2012-1938

<0:10.0.5-1.el6_2
  • C
CVE-2012-1937

<0:10.0.5-1.el6_2
  • C
CVE-2011-3101

<0:10.0.5-1.el6_2
  • C
Information Exposure

<0:10.0.5-1.el6_2
  • C
Out-of-Bounds

<0:10.0.5-1.el6_2
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
Use After Free

<0:10.0.5-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.5-1.el6_2
  • C
Out-of-Bounds

<0:10.0.5-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.4-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.4-1.el6_2
  • C
CVE-2012-0467

<0:10.0.4-1.el6_2
  • C
CVE-2012-0479

<0:10.0.4-1.el6_2
  • C
Off-by-one Error

<0:10.0.4-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.4-1.el6_2
  • C
Information Exposure

<0:10.0.3-1.el6_2
  • C
Out-of-Bounds

<0:10.0.4-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.4-1.el6_2
  • C
Numeric Errors

<0:10.0.4-1.el6_2
  • C
Out-of-Bounds

<0:10.0.4-1.el6_2
  • C
Use After Free

<0:10.0.4-1.el6_2
  • C
Out-of-Bounds

<0:10.0.4-1.el6_2
  • C
Resource Management Errors

<0:10.0.3-1.el6_2
  • C
Heap-based Buffer Overflow

<0:1.9.2.26-2.el6_2
  • C
Resource Management Errors

<0:10.0.3-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.3-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.3-1.el6_2
  • C
CVE-2012-0462

<0:10.0.3-1.el6_2
  • C
Cross-site Scripting (XSS)

<0:10.0.3-1.el6_2
  • C
Out-of-Bounds

<0:1.9.2.26-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.3-1.el6_2
  • C
CVE-2012-0461

<0:10.0.3-1.el6_2
  • C
Out-of-Bounds

<0:1.9.2.26-1.el6_2
  • C
Access Restriction Bypass

<0:10.0.3-1.el6_2
  • C
Use After Free

<0:1.9.2.26-1.el6_2
  • C
CVE-2012-0442

<0:1.9.2.26-1.el6_2
  • C
Information Exposure

<0:1.9.2.26-1.el6_2
  • C
Out-of-Bounds

<0:1.9.2.24-2.el6_1.1
  • C
Cross-site Scripting (XSS)

<0:1.9.2.24-2.el6_1.1
  • C
Improper Input Validation

<0:1.9.2.24-2.el6_1.1
  • C
Arbitrary Code Injection

<0:1.9.2.23-1.el6_1.1
  • C
Access Restriction Bypass

<0:1.9.2.23-1.el6_1.1
  • C
Cross-site Scripting (XSS)

<0:1.9.2.23-1.el6_1.1
  • C
CVE-2011-2995

<0:1.9.2.23-1.el6_1.1
  • C
Integer Overflow or Wraparound

<0:1.9.2.23-1.el6_1.1
  • C
CVE-2011-2982

<0:1.9.2.20-2.el6_1
  • C
Arbitrary Code Injection

<0:1.9.2.20-2.el6_1
  • C
Arbitrary Code Injection

<0:1.9.2.20-2.el6_1
  • C
Use After Free

<0:1.9.2.18-2.el6_1
  • C
CVE-2011-2376

<0:1.9.2.18-2.el6_1
  • C
Resource Management Errors

<0:1.9.2.18-2.el6_1
  • C
CVE-2011-2364

<0:1.9.2.18-2.el6_1
  • C
CVE-2011-2365

<0:1.9.2.18-2.el6_1
  • C
Resource Management Errors

<0:1.9.2.18-2.el6_1
  • C
Configuration

<0:1.9.2.20-2.el6_1
  • C
Arbitrary Code Injection

<0:1.9.2.20-2.el6_1
  • C
Information Exposure

<0:1.9.2.20-2.el6_1
  • C
CVE-2011-2374

<0:1.9.2.18-2.el6_1
  • C
CVE-2011-2375

<0:1.9.2.18-2.el6_1
  • C
Arbitrary Code Injection

<0:1.9.2.18-2.el6_1
  • C
Out-of-Bounds

<0:1.9.2.18-2.el6_1
  • C
Access Restriction Bypass

<0:1.9.2.18-2.el6_1
  • C
Integer Overflow or Wraparound

<0:1.9.2.18-2.el6_1
  • C
Resource Management Errors

<0:1.9.2.18-2.el6_1
  • C
CVE-2011-0081

<0:1.9.2.17-4.el6_0
  • C
Information Exposure

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0070

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0080

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0069

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0075

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0074

<0:1.9.2.17-4.el6_0
  • C
Improper Input Validation

<0:1.9.2.17-4.el6_0
  • C
Improper Input Validation

<0:1.9.2.17-4.el6_0
  • C
Improper Input Validation

<0:1.9.2.14-3.el6_0
  • C
Improper Input Validation

<0:1.9.2.14-3.el6_0
  • C
Cross-site Request Forgery (CSRF)

<0:1.9.2.14-3.el6_0
  • C
Out-of-Bounds

<0:1.9.2.14-3.el6_0
  • C
Integer Overflow or Wraparound

<0:1.9.2.17-4.el6_0
  • C
Use After Free

<0:1.9.2.14-3.el6_0
  • C
Use After Free

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0078

<0:1.9.2.17-4.el6_0
  • C
Directory Traversal

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0053

<0:1.9.2.14-3.el6_0
  • C
Use After Free

<0:1.9.2.17-4.el6_0
  • C
Use After Free

<0:1.9.2.17-4.el6_0
  • C
CVE-2011-0062

<0:1.9.2.14-3.el6_0
  • C
Out-of-Bounds

<0:1.9.2.14-3.el6_0
  • C
Out-of-Bounds

<0:1.9.2.14-3.el6_0
  • C
Out-of-Bounds

<0:1.9.2.14-3.el6_0
  • C
Use After Free

<0:1.9.2.14-3.el6_0
  • C
CVE-2010-3771

<0:1.9.2.13-3.el6_0
  • C
Out-of-Bounds

<0:1.9.2.13-3.el6_0
  • C
Numeric Errors

<0:1.9.2.13-3.el6_0
  • C
CVE-2010-3773

<0:1.9.2.13-3.el6_0
  • C
Integer Overflow or Wraparound

<0:1.9.2.13-3.el6_0
  • C
CVE-2010-3775

<0:1.9.2.13-3.el6_0
  • C
Use After Free

<0:1.9.2.13-3.el6_0
  • C
Out-of-Bounds

<0:1.9.2.12-1.el6_0
  • C
Access Restriction Bypass

<0:1.9.2.12-1.el6_0
  • C
Cross-site Scripting (XSS)

<0:1.9.2.12-1.el6_0
  • C
Out-of-Bounds

<0:1.9.2.13-3.el6_0
  • C
Cross-site Scripting (XSS)

<0:1.9.2.13-3.el6_0
  • C
Improper Input Validation

<0:1.9.2.13-3.el6_0
  • C
Improper Input Validation

<0:1.9.2.13-3.el6_0
  • C
Out-of-Bounds

<0:1.9.2.12-1.el6_0
  • C
Out-of-Bounds

<0:1.9.2.12-1.el6_0
  • C
Use After Free

<0:1.9.2.12-1.el6_0
  • C
CVE-2010-3182

<0:1.9.2.12-1.el6_0
  • C
CVE-2010-3175

<0:1.9.2.12-1.el6_0
  • C
CVE-2010-3176

<0:1.9.2.12-1.el6_0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Integer Overflow or Wraparound

*