Search for packages
| purl | pkg:alpm/archlinux/firefox@71.0-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6fvj-phnx-kfgs
Aliases: CVE-2019-17023 |
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. |
Affected by 1 other vulnerability. |
|
VCID-7hkk-2k6p-vyc7
Aliases: CVE-2019-17024 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 1 other vulnerability. |
|
VCID-9v4g-hwwe-3ybg
Aliases: CVE-2019-17025 |
Mozilla developers Karl Tomlinson, Jason Kratzer, Tyson Smith, Jon Coppeard, and Christian Holler reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
Affected by 1 other vulnerability. |
|
VCID-ap8s-63rs-jyff
Aliases: CVE-2019-17020 |
If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. |
Affected by 1 other vulnerability. |
|
VCID-c4qs-a9kw-p3hc
Aliases: CVE-2019-17017 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 1 other vulnerability. |
|
VCID-javq-3r82-73fq
Aliases: CVE-2019-17022 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 1 other vulnerability. |
|
VCID-x12h-hqf2-37cc
Aliases: CVE-2019-17016 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-3smq-ax5u-ryd3 | Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
CVE-2019-17012
|
| VCID-4sv2-j8zg-xkhf | When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* |
CVE-2019-17009
|
| VCID-8xkk-qc7d-fqg2 | Mozilla developers and community members Philipp, Diego Calleja, Mikhail Gavrilov, Jason Kratzer, Christian Holler, Markus Stange, Tyson Smith reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
CVE-2019-17013
|
| VCID-ex1b-2rdy-7qhw | Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
CVE-2019-17005
|
| VCID-ftfg-b795-qyan | If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. |
CVE-2019-17014
|
| VCID-n6s1-tsx2-7fee | Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). |
CVE-2019-11756
|
| VCID-pws7-8qmm-hfes | Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
CVE-2019-17008
|
| VCID-vzb9-aeqz-hybr | Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
CVE-2019-11745
|
| VCID-zh2m-qyw5-dkgn | Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
CVE-2019-17011
|
| VCID-zstj-sux9-ubdd | Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
CVE-2019-17010
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-07T13:59:07.676398+00:00 | Arch Linux Importer | Fixing | VCID-vzb9-aeqz-hybr | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.663614+00:00 | Arch Linux Importer | Fixing | VCID-n6s1-tsx2-7fee | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.649399+00:00 | Arch Linux Importer | Fixing | VCID-ex1b-2rdy-7qhw | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.636224+00:00 | Arch Linux Importer | Fixing | VCID-pws7-8qmm-hfes | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.624332+00:00 | Arch Linux Importer | Fixing | VCID-4sv2-j8zg-xkhf | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.612861+00:00 | Arch Linux Importer | Fixing | VCID-zstj-sux9-ubdd | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.600843+00:00 | Arch Linux Importer | Fixing | VCID-zh2m-qyw5-dkgn | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.586304+00:00 | Arch Linux Importer | Fixing | VCID-3smq-ax5u-ryd3 | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.572710+00:00 | Arch Linux Importer | Fixing | VCID-8xkk-qc7d-fqg2 | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.559227+00:00 | Arch Linux Importer | Fixing | VCID-ftfg-b795-qyan | https://security.archlinux.org/AVG-1071 | 38.1.0 |
| 2026-04-07T13:59:07.543968+00:00 | Arch Linux Importer | Affected by | VCID-x12h-hqf2-37cc | https://security.archlinux.org/AVG-1084 | 38.1.0 |
| 2026-04-07T13:59:07.532357+00:00 | Arch Linux Importer | Affected by | VCID-c4qs-a9kw-p3hc | https://security.archlinux.org/AVG-1084 | 38.1.0 |
| 2026-04-07T13:59:07.522076+00:00 | Arch Linux Importer | Affected by | VCID-ap8s-63rs-jyff | https://security.archlinux.org/AVG-1084 | 38.1.0 |
| 2026-04-07T13:59:07.500054+00:00 | Arch Linux Importer | Affected by | VCID-javq-3r82-73fq | https://security.archlinux.org/AVG-1084 | 38.1.0 |
| 2026-04-07T13:59:07.486498+00:00 | Arch Linux Importer | Affected by | VCID-6fvj-phnx-kfgs | https://security.archlinux.org/AVG-1084 | 38.1.0 |
| 2026-04-07T13:59:07.473136+00:00 | Arch Linux Importer | Affected by | VCID-7hkk-2k6p-vyc7 | https://security.archlinux.org/AVG-1084 | 38.1.0 |
| 2026-04-07T13:59:07.456472+00:00 | Arch Linux Importer | Affected by | VCID-9v4g-hwwe-3ybg | https://security.archlinux.org/AVG-1084 | 38.1.0 |
| 2026-04-01T18:24:26.578971+00:00 | Arch Linux Importer | Fixing | VCID-vzb9-aeqz-hybr | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.554513+00:00 | Arch Linux Importer | Fixing | VCID-n6s1-tsx2-7fee | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.530550+00:00 | Arch Linux Importer | Fixing | VCID-ex1b-2rdy-7qhw | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.508410+00:00 | Arch Linux Importer | Fixing | VCID-pws7-8qmm-hfes | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.484354+00:00 | Arch Linux Importer | Fixing | VCID-4sv2-j8zg-xkhf | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.459544+00:00 | Arch Linux Importer | Fixing | VCID-zstj-sux9-ubdd | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.436352+00:00 | Arch Linux Importer | Fixing | VCID-zh2m-qyw5-dkgn | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.413118+00:00 | Arch Linux Importer | Fixing | VCID-3smq-ax5u-ryd3 | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.391309+00:00 | Arch Linux Importer | Fixing | VCID-8xkk-qc7d-fqg2 | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:26.366829+00:00 | Arch Linux Importer | Fixing | VCID-ftfg-b795-qyan | https://security.archlinux.org/AVG-1071 | 38.0.0 |
| 2026-04-01T18:24:25.290734+00:00 | Arch Linux Importer | Affected by | VCID-x12h-hqf2-37cc | https://security.archlinux.org/AVG-1084 | 38.0.0 |
| 2026-04-01T18:24:25.266222+00:00 | Arch Linux Importer | Affected by | VCID-c4qs-a9kw-p3hc | https://security.archlinux.org/AVG-1084 | 38.0.0 |
| 2026-04-01T18:24:25.242876+00:00 | Arch Linux Importer | Affected by | VCID-ap8s-63rs-jyff | https://security.archlinux.org/AVG-1084 | 38.0.0 |
| 2026-04-01T18:24:25.219651+00:00 | Arch Linux Importer | Affected by | VCID-javq-3r82-73fq | https://security.archlinux.org/AVG-1084 | 38.0.0 |
| 2026-04-01T18:24:25.195497+00:00 | Arch Linux Importer | Affected by | VCID-6fvj-phnx-kfgs | https://security.archlinux.org/AVG-1084 | 38.0.0 |
| 2026-04-01T18:24:25.171718+00:00 | Arch Linux Importer | Affected by | VCID-7hkk-2k6p-vyc7 | https://security.archlinux.org/AVG-1084 | 38.0.0 |
| 2026-04-01T18:24:25.149361+00:00 | Arch Linux Importer | Affected by | VCID-9v4g-hwwe-3ybg | https://security.archlinux.org/AVG-1084 | 38.0.0 |