pkg:Debian/firefox-esr

All known vulnerabilities

• CRITICAL10.0CVE-2019-11708⚠ KEVfirefox-esr - security update
  from 0, < 60.7.2esr-1~deb9u1
• CRITICAL10.0CVE-2019-11708⚠ KEVfirefox-esr - security update
  from 0, < 60.7.2esr-1
• CRITICAL9.8CVE-2024-9680⚠ KEVfirefox-esr - security update
  from 0, < 128.3.1esr-1~deb11u1
• CRITICAL9.8⚠ KEVfirefox-esr - security update
  from 0, < 128.3.1esr-1~deb11u1
• CRITICAL9.8⚠ KEVfirefox-esr - security update
  from 0, < 128.3.1esr-1~deb12u1
• CRITICAL9.6⚠ KEVMozilla Firefox Use-After-Free Vulnerability
  from 0, < 91.6.1esr-1~deb11u1
• HIGH8.8⚠ KEVlibvpx - security update
  from 0, < 115.3.1esr-1~deb11u1
• HIGH8.8⚠ KEVlibvpx - security update
  from 0, < 115.3.1esr-1~deb11u1
• HIGH8.8⚠ KEVlibvpx - security update
  from 0, < 115.3.1esr-1~deb10u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 102.15.1esr-1~deb11u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 102.15.1esr-1~deb10u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 102.15.1esr-1~deb11u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 91.6.1esr-1~deb10u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 91.6.1esr-1~deb11u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 91.6.1esr-1~deb9u1
• HIGH8.8⚠ KEVfirefox-esr - security update
  from 0, < 68.4.1esr-1
• HIGH8.8⚠ KEVfirefox-esr - security update
  from 0, < 68.4.1esr-1~deb8u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 60.7.1esr-1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 60.7.1esr-1~deb9u1
• HIGH8.8⚠ KEVthunderbird - security update
  from 0, < 60.7.1esr-1~deb8u1
• HIGH8.1⚠ KEVMozilla Firefox And Thunderbird Use-After-Free Vulnerability
  from 0, < 68.6.1esr-1
• HIGH8.1⚠ KEVthunderbird - security update
  from 0, < 68.6.1esr-1~deb9u1
• HIGH8.1⚠ KEVthunderbird - security update
  from 0, < 68.7.0esr-1~deb8u1
• HIGH8.1⚠ KEVthunderbird - security update
  from 0, < 68.6.1esr-1
• HIGH7.5⚠ KEVfirefox-esr - security update
  from 0, < 45.5.1esr-1~deb8u1
• HIGH7.5⚠ KEVfirefox-esr - security update
  from 0, < 45.5.1esr-1
• CRITICAL10.0Sandbox escape in the Responsive Design Mode component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL10.0Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL10.0Sandbox escape due to use-after-free in the Disability Access APIs component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL10.0Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL10.0Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL10.0Sandbox escape in the Storage: IndexedDB component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL10.0Sandbox escape in the Graphics: WebRender component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL10.0Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL10.0thunderbird - security update
  from 0, < 91.5.0esr-1~deb11u1
• CRITICAL10.0thunderbird - security update
  from 0, < 91.5.0esr-1~deb10u1
• CRITICAL10.0thunderbird - security update
  from 0, < 91.5.0esr-1~deb9u1
• CRITICAL10.0firefox-esr - security update
  from 0, < 91.4.1esr-1~deb9u1
• CRITICAL10.0firefox-esr - security update
  from 0, < 91.4.1esr-1~deb11u1
• CRITICAL10.0firefox-esr - security update
  from 0, < 91.4.1esr-1~deb11u1
• CRITICAL10.0An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC end…
  from 0, < 60.5.0esr-1
• CRITICAL9.8Integer overflow in the Networking: JAR component.
  from 0, < 140.11.0esr-1~deb11u1
• CRITICAL9.8Sandbox escape in the Profile Backup component.
  from 0, < 140.11.0esr-1~deb11u1
• CRITICAL9.8Other issue in the WebRTC component.
  from 0, < 140.10.2esr-1~deb11u1
• CRITICAL9.8Incorrect boundary conditions in the Audio/Video: Playback component.
  from 0, < 140.10.1esr-1~deb11u1
• CRITICAL9.8Mitigation bypass in the DOM: Security component.
  from 0, < 140.10.0esr-1~deb11u1
• CRITICAL9.8Uninitialized memory in the Audio/Video: Web Codecs component.
  from 0, < 140.10.0esr-1~deb11u1
• CRITICAL9.8Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1.
  from 0, < 140.9.1esr-1~deb11u1
• CRITICAL9.8Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1.
  from 0, < 140.9.1esr-1~deb11u1
• CRITICAL9.8Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Privilege escalation in the Netmonitor component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the Widget: Cocoa component.
  from 0
• CRITICAL9.8Incorrect boundary conditions in the Audio/Video component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Undefined behavior in the WebRTC: Signaling component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8JIT miscompilation in the JavaScript Engine component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the JavaScript Engine component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Mitigation bypass in the Networking: HTTP component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8JIT miscompilation in the JavaScript Engine: JIT component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the Layout: Text and Fonts component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the CSS Parsing and Computation component.
  from 0, < 140.9.0esr-1~deb11u1
• CRITICAL9.8Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Mitigation bypass in the Networking: Cache component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Same-origin policy bypass in the Networking: JAR component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the Graphics: ImageLib component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Incorrect boundary conditions in the Audio/Video: GMP component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the DOM: Window and Location component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the JavaScript Engine component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Invalid pointer in the JavaScript Engine component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Mitigation bypass in the DOM: Security component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Privilege escalation in the Netmonitor component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8nss - security update
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Privilege escalation in the Netmonitor component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Incorrect boundary conditions in the Networking: JAR component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Privilege escalation in the Messaging System component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Mitigation bypass in the DOM: HTML Parser component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Integer overflow in the Audio/Video component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Incorrect boundary conditions in the Web Audio component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the Audio/Video: Playback component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Undefined behavior in the DOM: Core & HTML component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the DOM: Bindings (WebIDL) component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the JavaScript: WebAssembly component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the JavaScript Engine: JIT component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the JavaScript Engine component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8JIT miscompilation, use-after-free in the JavaScript Engine: JIT component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the JavaScript Engine component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Integer overflow in the JavaScript: Standard Library component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Incorrect boundary conditions in the Graphics: ImageLib component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8Use-after-free in the JavaScript: GC component.
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8thunderbird - security update
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8thunderbird - security update
  from 0, < 140.8.0esr-1~deb11u1
• CRITICAL9.8thunderbird - security update
  from 0, < 140.8.0esr-1~deb12u1
• CRITICAL9.8Use-after-free in the JavaScript Engine component.
  from 0, < 140.7.0esr-1~deb11u1
• CRITICAL9.8Sandbox escape due to incorrect boundary conditions in the Graphics component.
  from 0, < 140.7.0esr-1~deb11u1
• CRITICAL9.8JIT miscompilation in the JavaScript Engine: JIT component.
  from 0, < 140.6.0esr-1~deb11u1
• CRITICAL9.8JIT miscompilation in the JavaScript Engine: JIT component.
  from 0, < 140.6.0esr-1~deb11u1
• CRITICAL9.8thunderbird - security update
  from 0, < 140.6.0esr-1~deb12u1
• CRITICAL9.8thunderbird - security update
  from 0, < 140.6.0esr-1~deb11u1
• CRITICAL9.8thunderbird - security update
  from 0, < 140.6.0esr-1~deb11u1