Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/firefox-esr@140.10.0esr-1~deb12u1
purl pkg:deb/debian/firefox-esr@140.10.0esr-1~deb12u1
Next non-vulnerable version 140.10.1esr-1~deb12u1
Latest non-vulnerable version 140.10.1esr-1~deb12u1
Risk
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-1y9d-wx59-fyh2
Aliases:
CVE-2026-7323
Memory safety bugs present in Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1 and Firefox ESR 140.10.1.
140.10.1esr-1~deb12u1
Affected by 0 other vulnerabilities.
140.10.1esr-1
Affected by 1 other vulnerability.
VCID-9uk1-zvat-5qc9
Aliases:
CVE-2026-7320
Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1.
140.10.1esr-1~deb12u1
Affected by 0 other vulnerabilities.
140.10.1esr-1
Affected by 1 other vulnerability.
VCID-ndwm-svz7-5uen
Aliases:
CVE-2026-7321
Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox ESR 140.10.1.
140.10.1esr-1~deb12u1
Affected by 0 other vulnerabilities.
140.10.1esr-1
Affected by 1 other vulnerability.
VCID-zkbj-717t-j3hw
Aliases:
CVE-2026-7322
Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0 and Firefox 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1.
140.10.1esr-1~deb12u1
Affected by 0 other vulnerabilities.
140.10.1esr-1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (24)
Vulnerability Summary Aliases
VCID-2fqb-r5zb-a7dp CVE-2026-6748
VCID-3kv6-c148-nkhq CVE-2026-6765
VCID-59d3-343b-e3aw CVE-2026-6770
VCID-61r1-arbe-dke4 CVE-2026-6761
VCID-7jt2-zr49-7ye5 CVE-2026-6766
VCID-95et-ezmb-buau CVE-2026-6751
VCID-9nbw-7c9e-13af CVE-2026-6763
VCID-av7u-3g4m-mugm CVE-2026-6762
VCID-bwth-uepr-z7a3 CVE-2026-6750
VCID-cjsm-7gxr-8ygw CVE-2026-6746
VCID-d16s-p141-qbft CVE-2026-6752
VCID-fxjm-ywug-f3d5 CVE-2026-6767
VCID-hk2m-rbdy-nqhc CVE-2026-6772
VCID-ma29-qa7e-9qb4 CVE-2026-6764
VCID-nge1-4cvg-zqb2 CVE-2026-6769
VCID-nyum-jpbc-abew CVE-2026-6776
VCID-p6yz-xs58-u3gm Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. CVE-2026-6786
VCID-pfmd-zv8f-8bfc Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. CVE-2026-6785
VCID-q689-wneh-hbdq CVE-2026-6757
VCID-q8qp-5szp-mfe8 CVE-2026-6749
VCID-ruqn-mk9t-57hb CVE-2026-6753
VCID-tv7r-qf2c-dqbm CVE-2026-6771
VCID-w98r-yagc-kkec CVE-2026-6754
VCID-z6tm-b352-5uhk CVE-2026-6747

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-04T02:21:06.185385+00:00 Debian Oval Importer Affected by VCID-9uk1-zvat-5qc9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:20:16.483268+00:00 Debian Oval Importer Affected by VCID-zkbj-717t-j3hw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:20:12.978651+00:00 Debian Oval Importer Affected by VCID-ndwm-svz7-5uen https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:20:12.253805+00:00 Debian Oval Importer Affected by VCID-1y9d-wx59-fyh2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:16:36.086659+00:00 Debian Oval Importer Fixing VCID-pfmd-zv8f-8bfc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:16:32.590918+00:00 Debian Oval Importer Fixing VCID-d16s-p141-qbft https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:16:27.010215+00:00 Debian Oval Importer Fixing VCID-fxjm-ywug-f3d5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:16:25.614666+00:00 Debian Oval Importer Fixing VCID-cjsm-7gxr-8ygw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:16:10.898718+00:00 Debian Oval Importer Fixing VCID-av7u-3g4m-mugm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:16:00.921465+00:00 Debian Oval Importer Fixing VCID-bwth-uepr-z7a3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:49.962040+00:00 Debian Oval Importer Fixing VCID-ruqn-mk9t-57hb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:47.887363+00:00 Debian Oval Importer Fixing VCID-3kv6-c148-nkhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:37.969135+00:00 Debian Oval Importer Fixing VCID-59d3-343b-e3aw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:21.780959+00:00 Debian Oval Importer Fixing VCID-q689-wneh-hbdq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:20.229847+00:00 Debian Oval Importer Fixing VCID-9nbw-7c9e-13af https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:18.606843+00:00 Debian Oval Importer Fixing VCID-2fqb-r5zb-a7dp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:15.704618+00:00 Debian Oval Importer Fixing VCID-p6yz-xs58-u3gm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:15:05.663340+00:00 Debian Oval Importer Fixing VCID-tv7r-qf2c-dqbm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:59.438561+00:00 Debian Oval Importer Fixing VCID-7jt2-zr49-7ye5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:53.839823+00:00 Debian Oval Importer Fixing VCID-nyum-jpbc-abew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:50.996050+00:00 Debian Oval Importer Fixing VCID-w98r-yagc-kkec https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:46.229346+00:00 Debian Oval Importer Fixing VCID-61r1-arbe-dke4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:39.602254+00:00 Debian Oval Importer Fixing VCID-ma29-qa7e-9qb4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:38.231677+00:00 Debian Oval Importer Fixing VCID-hk2m-rbdy-nqhc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:37.490751+00:00 Debian Oval Importer Fixing VCID-z6tm-b352-5uhk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:36.035701+00:00 Debian Oval Importer Fixing VCID-95et-ezmb-buau https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:35.283106+00:00 Debian Oval Importer Fixing VCID-q8qp-5szp-mfe8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-05-04T02:14:28.160345+00:00 Debian Oval Importer Fixing VCID-nge1-4cvg-zqb2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0