firefox vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the firefox package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Use After Free	<78.0.1+build1-0ubuntu0.19.10.1
M Incorrect Default Permissions	<78.0.1+build1-0ubuntu0.19.10.1
M Incorrect Default Permissions	<78.0.1+build1-0ubuntu0.19.10.1
M Out-of-Bounds	<78.0.1+build1-0ubuntu0.19.10.1
M Out-of-bounds Write	<78.0.1+build1-0ubuntu0.19.10.1
M Out-of-bounds Read	<78.0.1+build1-0ubuntu0.19.10.1
M Out-of-bounds Read	<78.0.1+build1-0ubuntu0.19.10.1
M Out-of-Bounds	<78.0.1+build1-0ubuntu0.19.10.1
M Use After Free	<78.0.1+build1-0ubuntu0.19.10.1
M Improper Certificate Validation	<78.0.1+build1-0ubuntu0.19.10.1
M Use After Free	<78.0.1+build1-0ubuntu0.19.10.1
M Out-of-Bounds	<77.0.1+build1-0ubuntu0.19.10.1
M Information Exposure	<77.0.1+build1-0ubuntu0.19.10.1
L CVE-2020-12409	<77.0.1+build1-0ubuntu0.19.10.1
L Arbitrary Code Injection	<77.0.1+build1-0ubuntu0.19.10.1
M Out-of-Bounds	<77.0.1+build1-0ubuntu0.19.10.1
M Insufficient Verification of Data Authenticity	<77.0.1+build1-0ubuntu0.19.10.1
M Use After Free	<77.0.1+build1-0ubuntu0.19.10.1
M Information Exposure	<77.0.1+build1-0ubuntu0.19.10.1
M Improper Input Validation	<76.0+build2-0ubuntu0.19.10.1
M Out-of-Bounds	<76.0+build2-0ubuntu0.19.10.1
M Deserialization of Untrusted Data	<76.0+build2-0ubuntu0.19.10.1
M Race Condition	<76.0+build2-0ubuntu0.19.10.1
M Buffer Overflow	<76.0+build2-0ubuntu0.19.10.1
M Information Exposure	<76.0+build2-0ubuntu0.19.10.1
M Improper Input Validation	<76.0+build2-0ubuntu0.19.10.1
M Out-of-Bounds	<76.0+build2-0ubuntu0.19.10.1
M Improper Privilege Management	<75.0+build3-0ubuntu0.19.10.1
M Session Fixation	<75.0+build3-0ubuntu0.19.10.1
M Out-of-Bounds	<75.0+build3-0ubuntu0.19.10.1
M Out-of-Bounds	<75.0+build3-0ubuntu0.19.10.1
M Out-of-Bounds	<75.0+build3-0ubuntu0.19.10.1
M Out-of-bounds Write	<75.0+build3-0ubuntu0.19.10.1
H Use After Free	<74.0.1+build1-0ubuntu0.19.10.1
H Double Free	<74.0.1+build1-0ubuntu0.19.10.1
M Out-of-Bounds	<74.0+build3-0ubuntu0.19.10.1
L CVE-2020-6813	<74.0+build3-0ubuntu0.19.10.1
M Authentication Bypass	<74.0+build3-0ubuntu0.19.10.1
M Information Exposure	<74.0+build3-0ubuntu0.19.10.1
L Information Exposure	<74.0+build3-0ubuntu0.19.10.1
M Use After Free	<74.0+build3-0ubuntu0.19.10.1
M Use After Free	<74.0+build3-0ubuntu0.19.10.1
M Arbitrary Code Injection	<74.0+build3-0ubuntu0.19.10.1
M Out-of-bounds Read	<74.0+build3-0ubuntu0.19.10.1
M Authentication Bypass	<74.0+build3-0ubuntu0.19.10.1
M Out-of-Bounds	<74.0+build3-0ubuntu0.19.10.1
M Out-of-bounds Read	<74.0+build3-0ubuntu0.19.10.1
M Out-of-Bounds	<73.0+build3-0ubuntu0.19.10.1
M Cross-site Scripting (XSS)	<73.0+build3-0ubuntu0.19.10.1
M Out-of-Bounds	<73.0+build3-0ubuntu0.19.10.1
M Out-of-bounds Write	<73.0+build3-0ubuntu0.19.10.1
M Access of Resource Using Incompatible Type ('Type Confusion')	<72.0.1+build1-0ubuntu0.19.10.1
M Improper Input Validation	<72.0.1+build1-0ubuntu0.19.10.1
M Buffer Overflow	<72.0.1+build1-0ubuntu0.19.10.1
M Out-of-bounds Write	<72.0.1+build1-0ubuntu0.19.10.1
M Cross-site Scripting (XSS)	<72.0.1+build1-0ubuntu0.19.10.1
M Cross-site Scripting (XSS)	<72.0.1+build1-0ubuntu0.19.10.1
L Improper Authentication	<72.0.1+build1-0ubuntu0.19.10.1
M Access of Resource Using Incompatible Type ('Type Confusion')	<72.0.1+build1-0ubuntu0.19.10.1
M Use After Free	<71.0+build5-0ubuntu0.19.10.1
M Use After Free	<71.0+build5-0ubuntu0.19.10.1
M Use After Free	<71.0+build5-0ubuntu0.19.10.1
M Inclusion of Functionality from Untrusted Control Sphere	<71.0+build5-0ubuntu0.19.10.1
M Buffer Overflow	<71.0+build5-0ubuntu0.19.10.1
M Use After Free	<71.0+build5-0ubuntu0.19.10.1
M Buffer Overflow	<71.0+build5-0ubuntu0.19.10.1
M Buffer Overflow	<71.0+build5-0ubuntu0.19.10.1
M Out-of-bounds Write	<71.0+build5-0ubuntu0.19.10.1
M Incorrect Default Permissions	<70.0+build2-0ubuntu0.19.10.1
M Cross-site Scripting (XSS)	<70.0+build2-0ubuntu0.19.10.1
M Cross-site Scripting (XSS)	<70.0+build2-0ubuntu0.19.10.1
M Origin Validation Error	<70.0+build2-0ubuntu0.19.10.1
M Race Condition	<70.0+build2-0ubuntu0.19.10.1
L Improper Input Validation	<70.0+build2-0ubuntu0.19.10.1
M Cross-site Scripting (XSS)	<70.0+build2-0ubuntu0.19.10.1
M Use After Free	<70.0+build2-0ubuntu0.19.10.1
M Out-of-bounds Write	<70.0+build2-0ubuntu0.19.10.1
M Use After Free	<70.0+build2-0ubuntu0.19.10.1
M Buffer Overflow	<70.0+build2-0ubuntu0.19.10.1
M CVE-2019-11754	<69.0.1+build1-0ubuntu2
M Out-of-bounds Read	<70.0+build2-0ubuntu0.19.10.1
M Buffer Overflow	<69.0.1+build1-0ubuntu2
L Improper Initialization	<69.0.1+build1-0ubuntu2
L Insufficient Verification of Data Authenticity	<69.0.1+build1-0ubuntu2
M Buffer Overflow	<69.0.1+build1-0ubuntu2
M Cross-site Scripting (XSS)	<69.0.1+build1-0ubuntu2
M Information Exposure	<69.0.1+build1-0ubuntu2
M Out-of-Bounds	<69.0.1+build1-0ubuntu2
M Access of Resource Using Incompatible Type ('Type Confusion')	<69.0.1+build1-0ubuntu2
M Use After Free	<69.0.1+build1-0ubuntu2
M Use After Free	<69.0.1+build1-0ubuntu2
L Incorrect Default Permissions	<69.0.1+build1-0ubuntu2
M Improper Input Validation	<69.0+build2-0ubuntu1
M Improper Preservation of Permissions	<69.0.1+build1-0ubuntu2
M Inclusion of Functionality from Untrusted Control Sphere	<69.0.1+build1-0ubuntu2
M CVE-2019-11749	<69.0.1+build1-0ubuntu2
M Cross-site Scripting (XSS)	<69.0.1+build1-0ubuntu2
M Out-of-bounds Read	<69.0+build2-0ubuntu1
M Incorrect Authorization	<68.0+build3-0ubuntu1
M Arbitrary Code Injection	<68.0+build3-0ubuntu1
M CVE-2019-11725	<68.0+build3-0ubuntu1
M Improper Input Validation	<68.0+build3-0ubuntu1
M Out-of-Bounds	<68.0+build3-0ubuntu1
M Use After Free	<68.0+build3-0ubuntu1
M CVE-2019-11721	<68.0+build3-0ubuntu1
M Arbitrary Code Injection	<68.0+build3-0ubuntu1
M Improper Certificate Validation	<68.0+build3-0ubuntu1
M Cross-site Request Forgery (CSRF)	<68.0+build3-0ubuntu1
M Cross-site Scripting (XSS)	<68.0+build3-0ubuntu1
M Cross-site Scripting (XSS)	<68.0+build3-0ubuntu1
M CVE-2019-11730	<68.0+build3-0ubuntu1
M Origin Validation Error	<68.0+build3-0ubuntu1
M Exposure of Resource to Wrong Sphere	<68.0+build3-0ubuntu1
M Improper Encoding or Escaping of Output	<68.0+build3-0ubuntu1
M Improper Input Validation	<68.0+build3-0ubuntu1
M Out-of-bounds Read	<68.0+build3-0ubuntu1
M Out-of-Bounds	<68.0+build3-0ubuntu1
M CVE-2019-11711	<68.0+build3-0ubuntu1
M Out-of-Bounds	<68.0+build3-0ubuntu1
H Access of Resource Using Incompatible Type ('Type Confusion')	<67.0.3+build1-0ubuntu1
L Cross-site Scripting (XSS)	<67.0+build2-0ubuntu1
M Access of Resource Using Incompatible Type ('Type Confusion')	<67.0+build2-0ubuntu1
M Origin Validation Error	<67.0+build2-0ubuntu1
M Use After Free	<67.0+build2-0ubuntu1
M Out-of-Bounds	<67.0+build2-0ubuntu1
M Use After Free	<67.0+build2-0ubuntu1
M Improper Input Validation	<67.0+build2-0ubuntu1
M Out-of-Bounds	<67.0+build2-0ubuntu1
M Use After Free	<67.0+build2-0ubuntu1
M Out-of-Bounds	<67.0+build2-0ubuntu1
L CVE-2019-11699	<67.0+build2-0ubuntu1
M Improper Input Validation	<67.0+build2-0ubuntu1
M Improper Input Validation	<67.0+build2-0ubuntu1
M Use After Free	<67.0+build2-0ubuntu1
M CVE-2019-11695	<67.0+build2-0ubuntu1
M Improper Input Validation	<67.0+build2-0ubuntu1
M Access of Resource Using Incompatible Type ('Type Confusion')	<66.0.1+build1-0ubuntu1
M Out-of-Bounds	<66.0.1+build1-0ubuntu1
L Resource Management Errors	<66.0+build3-0ubuntu1
M Use of Uninitialized Resource	<66.0+build3-0ubuntu1
M Origin Validation Error	<66.0+build3-0ubuntu1
M Out-of-Bounds	<66.0+build3-0ubuntu1
L Out-of-Bounds	<66.0+build3-0ubuntu1
M Out-of-Bounds	<66.0+build3-0ubuntu1
L Resource Management Errors	<66.0+build3-0ubuntu1
L Improper Input Validation	<66.0+build3-0ubuntu1
M Reachable Assertion	<66.0+build3-0ubuntu1
M Information Exposure	<66.0+build3-0ubuntu1
M Out-of-Bounds	<66.0+build3-0ubuntu1
L Origin Validation Error	<66.0+build3-0ubuntu1
M Out-of-Bounds	<66.0+build3-0ubuntu1
M Use After Free	<66.0+build3-0ubuntu1
M Use After Free	<66.0+build3-0ubuntu1
M Improper Input Validation	<66.0+build3-0ubuntu1
M Origin Validation Error	<66.0+build3-0ubuntu1
M Origin Validation Error	<62.0+build2-0ubuntu1
M Information Exposure	<65.0.1+build2-0ubuntu1
M Out-of-bounds Write	<65.0.1+build2-0ubuntu1
M Use After Free	<67.0+build2-0ubuntu1
M Out-of-Bounds	<65.0+build2-0ubuntu1
M Improper Authentication	<65.0+build2-0ubuntu1
M Use After Free	<65.0+build2-0ubuntu1
M Out-of-Bounds	<65.0+build2-0ubuntu1
M CVE-2018-18506	<65.0+build2-0ubuntu1
M Out-of-bounds Read	<65.0+build2-0ubuntu1
M Out-of-Bounds	<65.0+build2-0ubuntu1
M Out-of-Bounds	<64.0+build3-0ubuntu1
M Out-of-Bounds	<64.0+build3-0ubuntu1
L Improper Authentication	<63.0+build1-0ubuntu1
L Improper Input Validation	<63.0+build1-0ubuntu1
M Out-of-Bounds	<63.0+build1-0ubuntu1
M CVE-2018-12398	<63.0+build1-0ubuntu1
L Origin Validation Error	<63.0+build1-0ubuntu1
M Incorrect Permission Assignment for Critical Resource	<63.0+build1-0ubuntu1
M CVE-2018-12395	<63.0+build1-0ubuntu1
M Information Exposure	<63.0+build1-0ubuntu1
L CVE-2018-12403	<63.0+build1-0ubuntu1
M Out-of-Bounds	<63.0+build1-0ubuntu1
M Out-of-bounds Write	<63.0+build1-0ubuntu1
M CVE-2018-12392	<63.0+build1-0ubuntu1
M Improper Input Validation	<62.0.3+build1-0ubuntu1
M Incorrect Type Conversion or Cast	<62.0.3+build1-0ubuntu1
M Out-of-Bounds	<62.0+build2-0ubuntu1
M Out-of-Bounds	<62.0+build2-0ubuntu1
H Out-of-bounds Write	<70.0+build2-0ubuntu0.19.10.1
M Out-of-Bounds	<61.0.1+build1-0ubuntu0.18.04.1
M Out-of-Bounds	<61.0.1+build1-0ubuntu0.18.04.1
M Out-of-Bounds	<61.0.1+build1-0ubuntu0.18.04.1
M Out-of-Bounds	<55.0.2+build1-0ubuntu4
M Out-of-Bounds	<59.0.1+build1-0ubuntu1
M Out-of-Bounds	<55.0.2+build1-0ubuntu4
M Out-of-Bounds	<57.0.1+build2-0ubuntu1
M Out-of-Bounds	<60.0+build2-0ubuntu1
M Out-of-Bounds	<54.0+build3-0ubuntu1
M Out-of-Bounds	<57.0.1+build2-0ubuntu1
M Out-of-Bounds	<59.0.1+build1-0ubuntu1
M Use After Free	<55.0.2+build1-0ubuntu4
M Arbitrary Code Injection	<55.0.2+build1-0ubuntu4
M Out-of-Bounds	<54.0+build3-0ubuntu1
M Improper Input Validation	<55.0.2+build1-0ubuntu4
M Improper Input Validation	<55.0.2+build1-0ubuntu4
M Out-of-Bounds	<56.0+build6-0ubuntu1
M Out-of-Bounds	<59.0.1+build1-0ubuntu1
M Out-of-Bounds	<56.0+build6-0ubuntu1
M Cross-site Scripting (XSS)	<55.0.2+build1-0ubuntu4
M CVE-2017-7781	<55.0.2+build1-0ubuntu4
M Out-of-Bounds	<60.0+build2-0ubuntu1
M Arbitrary Code Injection	<55.0.2+build1-0ubuntu4
M Out-of-bounds Read	<56.0+build6-0ubuntu1
M Out-of-Bounds	<59.0.1+build1-0ubuntu1
M Out-of-Bounds	<59.0.1+build1-0ubuntu1
M Incorrect Default Permissions	<55.0.2+build1-0ubuntu4
M Information Exposure	<57.0.1+build2-0ubuntu1
M Origin Validation Error	<55.0.2+build1-0ubuntu4
M Use After Free	<55.0.2+build1-0ubuntu4
M Out-of-Bounds	<59.0.1+build1-0ubuntu1