Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/firefox-esr@128.10.1esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@128.10.1esr-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-7v6j-9uuc-qkc8 An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. CVE-2025-4919
VCID-8hm6-nz5h-yfcm An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. CVE-2025-4918

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-30T16:23:24.038736+00:00 Debian Importer Fixing VCID-8hm6-nz5h-yfcm https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-29T12:53:46.777974+00:00 Debian Importer Fixing VCID-7v6j-9uuc-qkc8 https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-16T11:29:03.287063+00:00 Debian Importer Fixing VCID-8hm6-nz5h-yfcm https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:48:13.612775+00:00 Debian Importer Fixing VCID-7v6j-9uuc-qkc8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T07:49:33.541909+00:00 Debian Importer Fixing VCID-8hm6-nz5h-yfcm https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:54:55.243881+00:00 Debian Importer Fixing VCID-7v6j-9uuc-qkc8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:23:47.507598+00:00 Debian Importer Fixing VCID-7v6j-9uuc-qkc8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:47.447602+00:00 Debian Importer Fixing VCID-8hm6-nz5h-yfcm https://security-tracker.debian.org/tracker/data/json 38.1.0