firefox vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
CVE-2025-1942

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1938

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1943

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1935

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1931

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1934

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1937

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1932

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1933

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1936

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1414

<136.0+build3-0ubuntu0.20.04.1
  • M
CVE-2025-1013

<135.0+build2-0ubuntu0.20.04.1
  • M
Improper Certificate Validation

<135.0+build2-0ubuntu0.20.04.1
  • M
CVE-2025-1011

<135.0+build2-0ubuntu0.20.04.1
  • M
Use After Free

<135.0+build2-0ubuntu0.20.04.1
  • M
Use After Free

<135.0+build2-0ubuntu0.20.04.1
  • M
Use After Free

<135.0+build2-0ubuntu0.20.04.1
  • M
Out-of-bounds Write

<135.0+build2-0ubuntu0.20.04.1
  • M
Out-of-bounds Write

<135.0+build2-0ubuntu0.20.04.1
  • M
Improper Restriction of Rendered UI Layers or Frames

<135.0+build2-0ubuntu0.20.04.1
  • M
Improper Restriction of Rendered UI Layers or Frames

<135.0+build2-0ubuntu0.20.04.1
  • M
Out-of-bounds Write

<135.0+build2-0ubuntu0.20.04.1
  • M
CVE-2025-0237

<134.0+build1-0ubuntu0.20.04.1
  • M
CVE-2025-0240

<134.0+build1-0ubuntu0.20.04.1
  • M
CVE-2025-0241

<134.0+build1-0ubuntu0.20.04.1
  • M
Out-of-bounds Write

<134.0+build1-0ubuntu0.20.04.1
  • M
CVE-2025-0239

<134.0+build1-0ubuntu0.20.04.1
  • M
CVE-2025-0238

<134.0+build1-0ubuntu0.20.04.1
  • M
CVE-2025-0242

<134.0+build1-0ubuntu0.20.04.1
  • M
Out-of-bounds Write

<134.0+build1-0ubuntu0.20.04.1
  • M
CVE-2024-11692

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11695

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11697

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11694

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11696

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11699

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11705

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11701

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11708

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11706

<133.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-11704

<133.0+build2-0ubuntu0.20.04.1
  • M
Race Condition

<132.0+build1-0ubuntu0.20.04.1
  • M
CVE-2024-10458

<132.0+build1-0ubuntu0.20.04.1
  • M
Out-of-bounds Write

<132.0+build1-0ubuntu0.20.04.1
  • M
Use After Free

<132.0+build1-0ubuntu0.20.04.1
  • M
Authentication Bypass

<132.0+build1-0ubuntu0.20.04.1
  • M
Information Exposure

<132.0+build1-0ubuntu0.20.04.1
  • M
CVE-2024-10466

<132.0+build1-0ubuntu0.20.04.1
  • M
CVE-2024-10460

<132.0+build1-0ubuntu0.20.04.1
  • M
Out-of-bounds Read

<132.0+build1-0ubuntu0.20.04.1
  • M
Cross-site Scripting (XSS)

<132.0+build1-0ubuntu0.20.04.1
  • M
Authentication Bypass

<132.0+build1-0ubuntu0.20.04.1
  • M
CVE-2024-9936

<131.0.3+build1-0ubuntu0.20.04.1
  • M
Improper Restriction of Rendered UI Layers or Frames

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9392

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9398

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9400

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9393

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9396

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9399

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9403

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9394

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9401

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-9402

<131.0+build1.1-0ubuntu0.20.04.1
  • M
CVE-2024-7652

<128.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-8383

<130.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-8382

<130.0+build2-0ubuntu0.20.04.1
  • M
Open Redirect

<130.0+build2-0ubuntu0.20.04.1
  • M
CVE-2024-7518

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Incorrect Default Permissions

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<129.0.1+build1-0ubuntu0.20.04.1
  • M
CVE-2024-7529

<129.0.1+build1-0ubuntu0.20.04.1
  • M
CVE-2024-7523

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Use After Free

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Use of Uninitialized Resource

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Improper Handling of Exceptional Conditions

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Out-of-bounds Read

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Use After Free

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Cross-site Scripting (XSS)

<129.0.1+build1-0ubuntu0.20.04.1
  • M
CVE-2024-7531

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Use After Free

<129.0.1+build1-0ubuntu0.20.04.1
  • M
Information Exposure

<124.0+build1-0ubuntu0.20.04.1
  • M
Improper Handling of Exceptional Conditions

<118.0.1+build1-0ubuntu0.20.04.1
  • M
CVE-2024-0750

<122.0+build2-0ubuntu0.20.04.1
  • L
Improper Privilege Management

<122.0+build2-0ubuntu0.20.04.1
  • L
CVE-2024-0746

<122.0+build2-0ubuntu0.20.04.1
  • M
Information Exposure

<121.0+build1-0ubuntu0.20.04.1
  • H
Out-of-bounds Write

<118.0.1+build1-0ubuntu0.20.04.1
  • M
Out-of-bounds Write

<117.0.1+build2-0ubuntu0.20.04.1
  • M
CVE-2023-0767

<110.0+build3-0ubuntu0.20.04.1
  • L
NULL Pointer Dereference

*
  • M
Use After Free

<107.0+build2-0ubuntu0.20.04.1
  • M
Use After Free

*
  • M
Incorrect Calculation

*
  • M
Access of Uninitialized Pointer

<102.0+build2-0ubuntu0.20.04.1
  • M
Use After Free

*
  • L
Integer Overflow or Wraparound

*
  • L
Integer Overflow or Wraparound

*
  • L
Improper Encoding or Escaping of Output

*
  • L
Exposure of Resource to Wrong Sphere

*
  • L
Integer Overflow or Wraparound

*
  • L
Integer Overflow or Wraparound

*
  • L
Improper Certificate Validation

<96.0+build2-0ubuntu0.20.04.1
  • M
Integer Overflow or Wraparound

<98.0+build3-0ubuntu0.20.04.2
  • M
Integer Overflow or Wraparound

<98.0+build3-0ubuntu0.20.04.2
  • M
Integer Overflow or Wraparound

<98.0+build3-0ubuntu0.20.04.2
  • M
Integer Overflow or Wraparound

<98.0+build3-0ubuntu0.20.04.2
  • M
Integer Overflow or Wraparound

<98.0+build3-0ubuntu0.20.04.2
  • M
Integer Overflow or Wraparound

<98.0+build3-0ubuntu0.20.04.2
  • M
Integer Overflow or Wraparound

<98.0+build3-0ubuntu0.20.04.2
  • L
Incorrect Calculation

<98.0+build3-0ubuntu0.20.04.2
  • M
Arbitrary Code Injection

<87.0+build3-0ubuntu0.20.04.1
  • M
Out-of-Bounds

<82.0+build2-0ubuntu0.20.04.1
  • M
Information Exposure

<80.0+build2-0ubuntu0.20.04.1
  • M
CVE-2020-6829

<80.0+build2-0ubuntu0.20.04.1
  • M
Use of a Broken or Risky Cryptographic Algorithm

<80.0+build2-0ubuntu0.20.04.1
  • M
Information Exposure

<77.0.1+build1-0ubuntu0.20.04.1
  • M
Out-of-bounds Read

<74.0+build3-0ubuntu1
  • L
Improper Authentication

<72.0.1+build1-0ubuntu1
  • M
Out-of-bounds Read

<70.0+build2-0ubuntu1
  • M
Out-of-Bounds

<68.0+build3-0ubuntu1
  • M
Improper Certificate Validation

<68.0+build3-0ubuntu1
  • M
Out-of-bounds Read

<68.0+build3-0ubuntu1
  • M
Use After Free

<67.0+build2-0ubuntu1
  • M
Out-of-Bounds

<61.0.1+build1-0ubuntu0.18.04.1
  • M
Out-of-Bounds

<59.0.1+build1-0ubuntu1
  • M
Out-of-Bounds

<56.0+build6-0ubuntu1
  • M
Out-of-Bounds

<57.0.1+build2-0ubuntu1
  • M
Out-of-Bounds

<59.0.1+build1-0ubuntu1
  • M
Out-of-Bounds

<60.0+build2-0ubuntu1