VulnerableCode Package Details - pkg:alpm/archlinux/firefox@64.0-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9h4y-xcex-1fch	WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions.	CVE-2018-18495
VCID-cszr-1fu2-6be5	Mozilla developers and community members Alex Gaynor, André Bargull, Boris Zbarsky, Christian Holler, Jan de Mooij, Jason Kratzer, Philipp, Ronald Crane, Natalia Csoregi, and Paul Theriault reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.	CVE-2018-12406
VCID-ka9x-22be-p7aw	Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remote attackers to execute arbitrary code.	CVE-2018-17466
VCID-n1v6-q6wt-ebaj	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	CVE-2018-18494
VCID-qvqm-n242-vyea	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	CVE-2018-12405
VCID-skbg-e4em-bkaw	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	CVE-2018-18492
VCID-vnmz-2agw-k3fg	A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash.	CVE-2018-12407
VCID-wzt1-wzps-kqbr	Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to opened privileged about: or file: locations.	CVE-2018-18497
VCID-yq6p-sv1g-m3bj	Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.	CVE-2018-18493

Vulnerability

Summary

Aliases

VCID-9h4y-xcex-1fch

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions.

CVE-2018-18495

VCID-cszr-1fu2-6be5

Mozilla developers and community members Alex Gaynor, André Bargull, Boris Zbarsky, Christian Holler, Jan de Mooij, Jason Kratzer, Philipp, Ronald Crane, Natalia Csoregi, and Paul Theriault reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

CVE-2018-12406

VCID-ka9x-22be-p7aw

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remote attackers to execute arbitrary code.

CVE-2018-17466

VCID-n1v6-q6wt-ebaj

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.

CVE-2018-18494

VCID-qvqm-n242-vyea

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.

CVE-2018-12405

VCID-skbg-e4em-bkaw

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.

CVE-2018-18492

VCID-vnmz-2agw-k3fg

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash.

CVE-2018-12407

VCID-wzt1-wzps-kqbr

Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to opened privileged about: or file: locations.

CVE-2018-18497

VCID-yq6p-sv1g-m3bj

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.

CVE-2018-18493

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-07T13:59:08.817614+00:00	Arch Linux Importer	Fixing	VCID-qvqm-n242-vyea	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.805567+00:00	Arch Linux Importer	Fixing	VCID-cszr-1fu2-6be5	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.793494+00:00	Arch Linux Importer	Fixing	VCID-vnmz-2agw-k3fg	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.781607+00:00	Arch Linux Importer	Fixing	VCID-ka9x-22be-p7aw	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.769330+00:00	Arch Linux Importer	Fixing	VCID-skbg-e4em-bkaw	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.757515+00:00	Arch Linux Importer	Fixing	VCID-yq6p-sv1g-m3bj	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.745837+00:00	Arch Linux Importer	Fixing	VCID-n1v6-q6wt-ebaj	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.733365+00:00	Arch Linux Importer	Fixing	VCID-9h4y-xcex-1fch	https://security.archlinux.org/AVG-833	38.1.0
2026-04-07T13:59:08.720896+00:00	Arch Linux Importer	Fixing	VCID-wzt1-wzps-kqbr	https://security.archlinux.org/AVG-833	38.1.0
2026-04-01T18:24:32.629408+00:00	Arch Linux Importer	Fixing	VCID-qvqm-n242-vyea	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.602395+00:00	Arch Linux Importer	Fixing	VCID-cszr-1fu2-6be5	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.578201+00:00	Arch Linux Importer	Fixing	VCID-vnmz-2agw-k3fg	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.553581+00:00	Arch Linux Importer	Fixing	VCID-ka9x-22be-p7aw	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.529941+00:00	Arch Linux Importer	Fixing	VCID-skbg-e4em-bkaw	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.504435+00:00	Arch Linux Importer	Fixing	VCID-yq6p-sv1g-m3bj	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.479967+00:00	Arch Linux Importer	Fixing	VCID-n1v6-q6wt-ebaj	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.453377+00:00	Arch Linux Importer	Fixing	VCID-9h4y-xcex-1fch	https://security.archlinux.org/AVG-833	38.0.0
2026-04-01T18:24:32.430456+00:00	Arch Linux Importer	Fixing	VCID-wzt1-wzps-kqbr	https://security.archlinux.org/AVG-833	38.0.0

2026-04-07T13:59:08.817614+00:00

Arch Linux Importer

Fixing