Search for packages
| purl | pkg:alpm/archlinux/firefox@62.0.3-2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-53y3-s5pc-nbh1
Aliases: CVE-2018-12398 |
By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). |
Affected by 0 other vulnerabilities. |
|
VCID-7pu2-1t9x-5yf1
Aliases: CVE-2018-12403 |
If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. |
Affected by 0 other vulnerabilities. |
|
VCID-8k1r-9djq-h3bh
Aliases: CVE-2018-12390 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 0 other vulnerabilities. |
|
VCID-ctgf-rds5-4fda
Aliases: CVE-2018-12396 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 0 other vulnerabilities. |
|
VCID-eyf6-1map-zbdz
Aliases: CVE-2018-12395 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 0 other vulnerabilities. |
|
VCID-h8q1-8w25-2yfz
Aliases: CVE-2018-12399 |
When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. |
Affected by 0 other vulnerabilities. |
|
VCID-m5f4-3a7z-y7aj
Aliases: CVE-2018-12401 |
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. |
Affected by 0 other vulnerabilities. |
|
VCID-pqak-1a9a-b3g1
Aliases: CVE-2018-12402 |
The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. |
Affected by 0 other vulnerabilities. |
|
VCID-qq7q-7j4q-h7dz
Aliases: CVE-2018-12397 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 0 other vulnerabilities. |
|
VCID-r7vv-451v-nbag
Aliases: CVE-2018-12392 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 0 other vulnerabilities. |
|
VCID-t9c6-d2kv-2uhg
Aliases: CVE-2018-12388 |
Mozilla developers and community members Christian Holler, Dana Keeler, Ronald Crane, Marcia Knous, Tyson Smith, Daniel Veditz, and Steve Fink reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-07T13:59:08.969410+00:00 | Arch Linux Importer | Affected by | VCID-t9c6-d2kv-2uhg | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.957579+00:00 | Arch Linux Importer | Affected by | VCID-8k1r-9djq-h3bh | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.944191+00:00 | Arch Linux Importer | Affected by | VCID-r7vv-451v-nbag | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.923898+00:00 | Arch Linux Importer | Affected by | VCID-eyf6-1map-zbdz | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.909795+00:00 | Arch Linux Importer | Affected by | VCID-ctgf-rds5-4fda | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.896445+00:00 | Arch Linux Importer | Affected by | VCID-qq7q-7j4q-h7dz | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.882900+00:00 | Arch Linux Importer | Affected by | VCID-53y3-s5pc-nbh1 | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.870738+00:00 | Arch Linux Importer | Affected by | VCID-h8q1-8w25-2yfz | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.856417+00:00 | Arch Linux Importer | Affected by | VCID-m5f4-3a7z-y7aj | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.839910+00:00 | Arch Linux Importer | Affected by | VCID-pqak-1a9a-b3g1 | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-07T13:59:08.828204+00:00 | Arch Linux Importer | Affected by | VCID-7pu2-1t9x-5yf1 | https://security.archlinux.org/AVG-787 | 38.1.0 |
| 2026-04-01T18:24:34.188012+00:00 | Arch Linux Importer | Affected by | VCID-t9c6-d2kv-2uhg | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:34.161293+00:00 | Arch Linux Importer | Affected by | VCID-8k1r-9djq-h3bh | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:34.133522+00:00 | Arch Linux Importer | Affected by | VCID-r7vv-451v-nbag | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:34.108310+00:00 | Arch Linux Importer | Affected by | VCID-eyf6-1map-zbdz | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:34.082380+00:00 | Arch Linux Importer | Affected by | VCID-ctgf-rds5-4fda | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:34.054976+00:00 | Arch Linux Importer | Affected by | VCID-qq7q-7j4q-h7dz | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:34.028799+00:00 | Arch Linux Importer | Affected by | VCID-53y3-s5pc-nbh1 | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:34.001668+00:00 | Arch Linux Importer | Affected by | VCID-h8q1-8w25-2yfz | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:33.976556+00:00 | Arch Linux Importer | Affected by | VCID-m5f4-3a7z-y7aj | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:33.949185+00:00 | Arch Linux Importer | Affected by | VCID-pqak-1a9a-b3g1 | https://security.archlinux.org/AVG-787 | 38.0.0 |
| 2026-04-01T18:24:33.922251+00:00 | Arch Linux Importer | Affected by | VCID-7pu2-1t9x-5yf1 | https://security.archlinux.org/AVG-787 | 38.0.0 |