VYPR

rpm package

almalinux/firefox-x11

pkg:rpm/almalinux/firefox-x11

Vulnerabilities (445)

  • CVE-2025-10533HigSep 16, 2025
    affected < 140.3.0-1.el9_6.alma.1fixed 140.3.0-1.el9_6.alma.1

    Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10532MedSep 16, 2025
    affected < 140.3.0-1.el9_6.alma.1fixed 140.3.0-1.el9_6.alma.1

    Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10529MedSep 16, 2025
    affected < 140.3.0-1.el9_6.alma.1fixed 140.3.0-1.el9_6.alma.1

    Same-origin policy bypass in the Layout component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10528HigSep 16, 2025
    affected < 140.3.0-1.el9_6.alma.1fixed 140.3.0-1.el9_6.alma.1

    Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-10527HigSep 16, 2025
    affected < 140.3.0-1.el9_6.alma.1fixed 140.3.0-1.el9_6.alma.1

    Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-9185HigAug 19, 2025
    affected < 128.14.0-2.el9_6.alma.1fixed 128.14.0-2.el9_6.alma.1

    Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these co

  • CVE-2025-9182HigAug 19, 2025
    affected < 128.14.0-2.el9_6.alma.1fixed 128.14.0-2.el9_6.alma.1

    Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability was fixed in Firefox 142, Firefox ESR 140.2, Thunderbird 142, and Thunderbird 140.2.

  • CVE-2025-9181MedAug 19, 2025
    affected < 128.14.0-2.el9_6.alma.1fixed 128.14.0-2.el9_6.alma.1

    Uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 142, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2.

  • CVE-2025-9180HigAug 19, 2025
    affected < 128.14.0-2.el9_6.alma.1fixed 128.14.0-2.el9_6.alma.1

    Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2.

  • CVE-2025-9179CriAug 19, 2025
    affected < 128.14.0-2.el9_6.alma.1fixed 128.14.0-2.el9_6.alma.1

    An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Fi

  • CVE-2025-8035HigJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploi

  • CVE-2025-8034HigJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these co

  • CVE-2025-8033MedJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunder

  • CVE-2025-8032HigJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.

  • CVE-2025-8031CriJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140

  • CVE-2025-8030HigJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.

  • CVE-2025-8029HigJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1.

  • CVE-2025-8028CriJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefo

  • CVE-2025-8027MedJul 22, 2025
    affected < 128.13.0-1.el9_6.alma.1fixed 128.13.0-1.el9_6.alma.1

    On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird

  • CVE-2025-6430MedJun 24, 2025
    affected < 128.12.0-1.el9_6.alma.1fixed 128.12.0-1.el9_6.alma.1

    When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed i

Page 11 of 23