Search for packages
| purl | pkg:alpm/archlinux/firefox@49.0.2-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3dea-vjmc-b7eb
Aliases: CVE-2016-5297 |
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird the worst of which could lead to the execution of arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-47dr-szw4-ryfr
Aliases: CVE-2016-5292 |
During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. |
Affected by 2 other vulnerabilities. |
|
VCID-545u-wnrj-z3dh
Aliases: CVE-2016-5291 |
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird the worst of which could lead to the execution of arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-6cde-35h4-vqaj
Aliases: CVE-2016-9075 |
An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. |
Affected by 2 other vulnerabilities. |
|
VCID-6pk2-g77j-h3b2
Aliases: CVE-2016-9063 |
An integer overflow during the parsing of XML using the Expat library. |
Affected by 2 other vulnerabilities. |
|
VCID-9gcq-8grt-vfhc
Aliases: CVE-2016-9070 |
A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. |
Affected by 2 other vulnerabilities. |
|
VCID-f8wd-xgwu-8kgm
Aliases: CVE-2016-9077 |
Canvas allows the use of the feDisplacementMap filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. |
Affected by 2 other vulnerabilities. |
|
VCID-jvy8-w1m2-ayaw
Aliases: CVE-2016-9068 |
A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. |
Affected by 2 other vulnerabilities. |
|
VCID-mdpv-kcbb-9ubj
Aliases: CVE-2016-9071 |
Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. |
Affected by 2 other vulnerabilities. |
|
VCID-pybp-xzy7-q3a8
Aliases: CVE-2016-9067 |
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. |
Affected by 2 other vulnerabilities. |
|
VCID-qptm-f15t-57gj
Aliases: CVE-2016-5290 |
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird the worst of which could lead to the execution of arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-rz6b-kepf-cfg9
Aliases: CVE-2016-5289 |
Mozilla developers and community members Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, and Markus Stange reported memory safety bugs present in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-swmb-24y4-1kau
Aliases: CVE-2016-9064 |
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird the worst of which could lead to the execution of arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-tgya-wnfn-t7eb
Aliases: CVE-2016-9066 |
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird the worst of which could lead to the execution of arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-v28j-cvrw-p3c7
Aliases: CVE-2016-9073 |
WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. |
Affected by 2 other vulnerabilities. |
|
VCID-yegk-sgdn-z3ae
Aliases: CVE-2016-5296 |
Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird the worst of which could lead to the execution of arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-yy4z-p3f1-qbbc
Aliases: CVE-2016-9076 |
An issue where a <select> dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-07T13:59:11.693239+00:00 | Arch Linux Importer | Affected by | VCID-rz6b-kepf-cfg9 | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.678730+00:00 | Arch Linux Importer | Affected by | VCID-qptm-f15t-57gj | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.666252+00:00 | Arch Linux Importer | Affected by | VCID-545u-wnrj-z3dh | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.655038+00:00 | Arch Linux Importer | Affected by | VCID-47dr-szw4-ryfr | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.641934+00:00 | Arch Linux Importer | Affected by | VCID-yegk-sgdn-z3ae | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.629682+00:00 | Arch Linux Importer | Affected by | VCID-3dea-vjmc-b7eb | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.617800+00:00 | Arch Linux Importer | Affected by | VCID-6pk2-g77j-h3b2 | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.606107+00:00 | Arch Linux Importer | Affected by | VCID-swmb-24y4-1kau | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.593614+00:00 | Arch Linux Importer | Affected by | VCID-tgya-wnfn-t7eb | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.581722+00:00 | Arch Linux Importer | Affected by | VCID-pybp-xzy7-q3a8 | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.567204+00:00 | Arch Linux Importer | Affected by | VCID-jvy8-w1m2-ayaw | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.555290+00:00 | Arch Linux Importer | Affected by | VCID-9gcq-8grt-vfhc | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.543460+00:00 | Arch Linux Importer | Affected by | VCID-mdpv-kcbb-9ubj | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.531727+00:00 | Arch Linux Importer | Affected by | VCID-v28j-cvrw-p3c7 | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.520104+00:00 | Arch Linux Importer | Affected by | VCID-6cde-35h4-vqaj | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.509403+00:00 | Arch Linux Importer | Affected by | VCID-yy4z-p3f1-qbbc | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-07T13:59:11.496185+00:00 | Arch Linux Importer | Affected by | VCID-f8wd-xgwu-8kgm | https://security.archlinux.org/AVG-72 | 38.1.0 |
| 2026-04-01T18:24:59.761917+00:00 | Arch Linux Importer | Affected by | VCID-rz6b-kepf-cfg9 | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.739896+00:00 | Arch Linux Importer | Affected by | VCID-qptm-f15t-57gj | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.717766+00:00 | Arch Linux Importer | Affected by | VCID-545u-wnrj-z3dh | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.695652+00:00 | Arch Linux Importer | Affected by | VCID-47dr-szw4-ryfr | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.673019+00:00 | Arch Linux Importer | Affected by | VCID-yegk-sgdn-z3ae | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.638641+00:00 | Arch Linux Importer | Affected by | VCID-3dea-vjmc-b7eb | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.615503+00:00 | Arch Linux Importer | Affected by | VCID-6pk2-g77j-h3b2 | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.592805+00:00 | Arch Linux Importer | Affected by | VCID-swmb-24y4-1kau | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.567283+00:00 | Arch Linux Importer | Affected by | VCID-tgya-wnfn-t7eb | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.544122+00:00 | Arch Linux Importer | Affected by | VCID-pybp-xzy7-q3a8 | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.522045+00:00 | Arch Linux Importer | Affected by | VCID-jvy8-w1m2-ayaw | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.499996+00:00 | Arch Linux Importer | Affected by | VCID-9gcq-8grt-vfhc | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.476700+00:00 | Arch Linux Importer | Affected by | VCID-mdpv-kcbb-9ubj | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.452205+00:00 | Arch Linux Importer | Affected by | VCID-v28j-cvrw-p3c7 | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.426775+00:00 | Arch Linux Importer | Affected by | VCID-6cde-35h4-vqaj | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.400876+00:00 | Arch Linux Importer | Affected by | VCID-yy4z-p3f1-qbbc | https://security.archlinux.org/AVG-72 | 38.0.0 |
| 2026-04-01T18:24:59.377981+00:00 | Arch Linux Importer | Affected by | VCID-f8wd-xgwu-8kgm | https://security.archlinux.org/AVG-72 | 38.0.0 |