MozillaFirefox (SUSE:Linux Enterprise Module for Desktop Applications 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Desktop Applications 15 package MozillaFirefox, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (146)
CVE-2018-18505 — CVSS 10.0 (critical): An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC…
CVE-2019-11709 — CVSS 9.8 (critical): Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed…
CVE-2018-12376 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that…
CVE-2018-12377 — CVSS 9.8 (critical): A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is…
CVE-2018-12378 — CVSS 9.8 (critical): A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload…
CVE-2019-9820 — CVSS 9.8 (critical): A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially…
CVE-2019-9819 — CVSS 9.8 (critical): A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable…
CVE-2018-12390 — CVSS 9.8 (critical): Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed…
CVE-2018-12392 — CVSS 9.8 (critical): When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable…
CVE-2019-9800 — CVSS 9.8 (critical): Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of…
CVE-2019-9796 — CVSS 9.8 (critical): A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a…
CVE-2019-9795 — CVSS 9.8 (critical): A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to…
CVE-2019-9794 — CVSS 9.8 (critical): A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell…
CVE-2018-12405 — CVSS 9.8 (critical): Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed…
CVE-2018-18492 — CVSS 9.8 (critical): A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options…
CVE-2018-18493 — CVSS 9.8 (critical): A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the…
CVE-2019-9792 — CVSS 9.8 (critical): The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This…
CVE-2018-18498 — CVSS 9.8 (critical): A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used…
CVE-2018-18500 — CVSS 9.8 (critical): A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream…
CVE-2018-18501 — CVSS 9.8 (critical): Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed…
CVE-2019-9791 — CVSS 9.8 (critical): The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled…
CVE-2018-5150 — CVSS 9.8 (critical): Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory…
CVE-2018-5154 — CVSS 9.8 (critical): A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially…
CVE-2018-5155 — CVSS 9.8 (critical): A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially…
CVE-2018-5156 — CVSS 9.8 (critical): A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result…
CVE-2019-9790 — CVSS 9.8 (critical): A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then…
CVE-2018-5159 — CVSS 9.8 (critical): An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in…
CVE-2019-9788 — CVSS 9.8 (critical): Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of…
CVE-2018-5183 — CVSS 9.8 (critical): Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer…
CVE-2018-5188 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and…
CVE-2019-11691 — CVSS 9.8 (critical): A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called…
CVE-2019-11692 — CVSS 9.8 (critical): A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a…
CVE-2019-11693 — CVSS 9.8 (critical): The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious…
CVE-2019-11710 — CVSS 9.8 (critical): Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory…
CVE-2019-11713 — CVSS 9.8 (critical): A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially…
CVE-2019-11714 — CVSS 9.8 (critical): Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This…
CVE-2019-11733 — CVSS 9.8 (critical): When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It…
CVE-2019-9812 — CVSS 9.3 (critical): Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading…
CVE-2018-12387 — CVSS 9.1 (critical): A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer…
CVE-2019-11746 — CVSS 8.8 (high): A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a…
CVE-2019-17017 — CVSS 8.8 (high): Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough…
CVE-2019-17015 — CVSS 8.8 (high): During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially…
CVE-2019-17012 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory…
CVE-2018-12360 — CVSS 8.8 (high): A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element…
CVE-2018-12362 — CVSS 8.8 (high): An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in…
CVE-2018-12363 — CVSS 8.8 (high): A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old…
CVE-2018-12364 — CVSS 8.8 (high): NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307…
CVE-2020-6799 — CVSS 8.8 (high): Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This…
CVE-2020-6796 — CVSS 8.8 (high): A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write…
CVE-2020-6800 — CVSS 8.8 (high): Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed…
CVE-2018-5158 — CVSS 8.8 (high): The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a…
CVE-2019-17008 — CVSS 8.8 (high): When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This…
CVE-2019-17005 — CVSS 8.8 (high): The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the…
CVE-2018-12359 — CVSS 8.8 (high): A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing…
CVE-2019-11764 — CVSS 8.8 (high): Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed…
CVE-2019-9813 — CVSS 8.8 (high): Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read…
CVE-2019-11712 — CVSS 8.8 (high): POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can…
CVE-2019-11751 — CVSS 8.8 (high): Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks…
CVE-2019-11752 — CVSS 8.8 (high): It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and…
CVE-2019-11711 — CVSS 8.8 (high): When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different…
CVE-2019-11740 — CVSS 8.8 (high): Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these…
CVE-2018-12389 — CVSS 8.8 (high): Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of…
CVE-2019-11760 — CVSS 8.8 (high): A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some…
CVE-2018-6126 — CVSS 8.8 (high): A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2019-9810 — CVSS 8.8 (high): Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer…
CVE-2019-11759 — CVSS 8.8 (high): An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an…
CVE-2019-11758 — CVSS 8.8 (high): Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed…
CVE-2019-11757 — CVSS 8.8 (high): When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it…
CVE-2019-17024 — CVSS 8.8 (high): Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory…
CVE-2018-17466 — CVSS 8.8 (high): Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory…
CVE-2018-18335 — CVSS 8.8 (high): Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2018-18356 — CVSS 8.8 (high): An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to…
CVE-2019-11745 — CVSS 8.8 (high): When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds…
CVE-2019-11735 — CVSS 8.8 (high): Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed…
CVE-2019-9818 — CVSS 8.3 (high): A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a…
CVE-2019-9811 — CVSS 8.3 (high): As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a…
CVE-2019-11716 — CVSS 8.3 (high): Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as…
CVE-2018-12386 — CVSS 8.1 (high): A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to…
CVE-2018-12368 — CVSS 8.1 (high): Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded…
CVE-2018-5178 — CVSS 8.1 (high): A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This…
CVE-2019-9815 — CVSS 8.1 (high): If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS…
CVE-2018-12379 — CVSS 7.8 (high): When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading…
CVE-2019-17009 — CVSS 7.8 (high): When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to…
CVE-2019-11753 — CVSS 7.8 (high): The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by…
CVE-2019-11694 — CVSS 7.5 (high): A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making…
CVE-2019-11729 — CVSS 7.5 (high): Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into…
CVE-2019-11723 — CVSS 7.5 (high): A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context…
CVE-2018-12393 — CVSS 7.5 (high): A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16…
CVE-2018-12395 — CVSS 7.5 (high): By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting…
CVE-2019-15903 — CVSS 7.5 (high): In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a…
CVE-2019-11719 — CVSS 7.5 (high): When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the…
CVE-2019-17010 — CVSS 7.5 (high): Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have…
CVE-2019-17011 — CVSS 7.5 (high): Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a…
CVE-2018-5157 — CVSS 7.5 (high): Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This…
CVE-2018-12397 — CVSS 7.1 (high): A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all…
CVE-2019-11736 — CVSS 7.0 (high): The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the…
CVE-2018-12385 — CVSS 7.0 (high): A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user…
CVE-2019-11742 — CVSS 6.5 (medium): A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas>…
CVE-2018-12396 — CVSS 6.5 (medium): A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for…
CVE-2019-11721 — CVSS 6.5 (medium): The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks…
CVE-2019-13722 — CVSS 6.5 (medium): Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap…
CVE-2019-11725 — CVSS 6.5 (medium): When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but…
CVE-2019-11747 — CVSS 6.5 (medium): The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a…
CVE-2019-11748 — CVSS 6.5 (medium): WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party…
CVE-2018-12366 — CVSS 6.5 (medium): An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This…
CVE-2019-11750 — CVSS 6.5 (medium): A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69…
CVE-2018-18494 — CVSS 6.5 (medium): A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a…
CVE-2018-12365 — CVSS 6.5 (medium): A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user…
CVE-2019-11730 — CVSS 6.5 (medium): A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same…
CVE-2017-16541 — CVSS 6.5 (medium): Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP…
CVE-2019-5785 — CVSS 6.5 (medium): Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds…
CVE-2019-11738 — CVSS 6.3 (medium): If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of…
CVE-2019-11715 — CVSS 6.1 (medium): Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards…
CVE-2019-11724 — CVSS 6.1 (medium): Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now…
CVE-2019-17016 — CVSS 6.1 (medium): When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This…
CVE-2019-11744 — CVSS 6.1 (medium): Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is…
CVE-2019-17022 — CVSS 6.1 (medium): When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters…
CVE-2020-6798 — CVSS 6.1 (medium): If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be…
CVE-2019-11720 — CVSS 6.1 (medium): Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This…
CVE-2019-11763 — CVSS 6.1 (medium): Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could…
CVE-2019-11762 — CVSS 6.1 (medium): If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM…
CVE-2019-9816 — CVSS 5.9 (medium): A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the…
CVE-2018-12384 — CVSS 5.9 (medium): When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead…
CVE-2019-9793 — CVSS 5.9 (medium): A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been…
CVE-2018-18506 — CVSS 5.9 (medium): When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this…
CVE-2018-12404 — CVSS 5.9 (medium): A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant…
CVE-2018-12383 — CVSS 5.5 (medium): If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still…
CVE-2019-11761 — CVSS 5.4 (medium): By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact…
CVE-2019-17021 — CVSS 5.3 (medium): During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses…
CVE-2019-11698 — CVSS 5.3 (medium): If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped…
CVE-2019-7317 — CVSS 5.3 (medium): png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2018-5168 — CVSS 5.3 (medium): Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element…
CVE-2019-11717 — CVSS 5.3 (medium): A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator…
CVE-2019-11718 — CVSS 5.3 (medium): Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream…
CVE-2019-9801 — CVSS 5.3 (medium): Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a…
CVE-2019-11727 — CVSS 5.3 (medium): A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures…
CVE-2019-9817 — CVSS 5.3 (medium): Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a…
CVE-2018-12381 — CVSS 5.3 (medium): Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are…
CVE-2019-11728 — CVSS 4.7 (medium): The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a…
CVE-2018-0495 — CVSS 4.7 (medium): Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through…
CVE-2019-11749 — CVSS 4.3 (medium): A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal…
CVE-2020-6797 — CVSS 4.3 (medium): By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's…
CVE-2019-11743 — CVSS 3.7 (low): Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload…