VulnerableCode Package Details - pkg:alpm/archlinux/firefox@59.0-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/firefox@59.0-2

Essentials
History (3)

purl	pkg:alpm/archlinux/firefox@59.0-2

Next non-vulnerable version	59.0.1-1
Latest non-vulnerable version	101.0-1
Risk	4.5

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-bxdr-5t7k-rbdn Aliases: CVE-2018-5147	The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source.	59.0.1-1 Affected by 0 other vulnerabilities.
VCID-fdue-dg92-13cp Aliases: CVE-2018-5146	Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code.	59.0.1-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-07T13:59:09.538710+00:00	Arch Linux Importer	Affected by	VCID-fdue-dg92-13cp	https://security.archlinux.org/AVG-657	38.1.0
2026-04-01T18:24:38.791414+00:00	Arch Linux Importer	Affected by	VCID-fdue-dg92-13cp	https://security.archlinux.org/AVG-657	38.0.0
2026-04-01T18:24:38.679231+00:00	Arch Linux Importer	Affected by	VCID-bxdr-5t7k-rbdn	https://security.archlinux.org/AVG-659	38.0.0