Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/firefox-esr@140.5.0esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.5.0esr-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (9)
Vulnerability Summary Aliases
VCID-4bw1-v6ze-kbds Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13018
VCID-4kd3-95cm-g3fc Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13019
VCID-962a-dwqf-3ycg Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13016
VCID-dgwm-n1zx-qkbq Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13012
VCID-e7jk-vs8y-fyhr Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13020
VCID-kdwy-7p45-hbcs Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13015
VCID-qgvy-hzsx-hkge Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13014
VCID-ukut-zyjx-93gq Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13013
VCID-wz6r-xzm9-m7hp Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. CVE-2025-13017

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-02T00:35:41.075416+00:00 Debian Importer Fixing VCID-962a-dwqf-3ycg https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:15:32.345878+00:00 Debian Importer Fixing VCID-e7jk-vs8y-fyhr https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:06:22.217039+00:00 Debian Importer Fixing VCID-4bw1-v6ze-kbds https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:58:47.291837+00:00 Debian Importer Fixing VCID-wz6r-xzm9-m7hp https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:54:22.282440+00:00 Debian Importer Fixing VCID-ukut-zyjx-93gq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:44:32.581384+00:00 Debian Importer Fixing VCID-qgvy-hzsx-hkge https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:39:11.822969+00:00 Debian Importer Fixing VCID-4kd3-95cm-g3fc https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:08:38.654372+00:00 Debian Importer Fixing VCID-dgwm-n1zx-qkbq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:02:28.461732+00:00 Debian Importer Fixing VCID-kdwy-7p45-hbcs https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-04-30T16:23:23.009893+00:00 Debian Importer Fixing VCID-e7jk-vs8y-fyhr https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-30T16:23:22.973858+00:00 Debian Importer Fixing VCID-4kd3-95cm-g3fc https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-30T16:23:22.940715+00:00 Debian Importer Fixing VCID-4bw1-v6ze-kbds https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-30T16:23:22.906861+00:00 Debian Importer Fixing VCID-wz6r-xzm9-m7hp https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-30T16:23:22.870863+00:00 Debian Importer Fixing VCID-962a-dwqf-3ycg https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-30T16:23:22.801795+00:00 Debian Importer Fixing VCID-qgvy-hzsx-hkge https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-30T16:23:22.768122+00:00 Debian Importer Fixing VCID-ukut-zyjx-93gq https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-30T16:23:22.736247+00:00 Debian Importer Fixing VCID-dgwm-n1zx-qkbq https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-29T12:49:52.214700+00:00 Debian Importer Fixing VCID-kdwy-7p45-hbcs https://security-tracker.debian.org/tracker/data/json 38.5.0
2026-04-16T10:23:10.946577+00:00 Debian Importer Fixing VCID-e7jk-vs8y-fyhr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:52:34.428806+00:00 Debian Importer Fixing VCID-962a-dwqf-3ycg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:49:44.594292+00:00 Debian Importer Fixing VCID-4bw1-v6ze-kbds https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:10:05.586476+00:00 Debian Importer Fixing VCID-wz6r-xzm9-m7hp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:08:11.369288+00:00 Debian Importer Fixing VCID-ukut-zyjx-93gq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:03:56.047350+00:00 Debian Importer Fixing VCID-qgvy-hzsx-hkge https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:02:02.587431+00:00 Debian Importer Fixing VCID-dgwm-n1zx-qkbq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:01:40.992652+00:00 Debian Importer Fixing VCID-4kd3-95cm-g3fc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:46:13.968931+00:00 Debian Importer Fixing VCID-kdwy-7p45-hbcs https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T06:59:53.791422+00:00 Debian Importer Fixing VCID-e7jk-vs8y-fyhr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:41:22.864251+00:00 Debian Importer Fixing VCID-962a-dwqf-3ycg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:34:05.994983+00:00 Debian Importer Fixing VCID-4bw1-v6ze-kbds https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:32:15.173146+00:00 Debian Importer Fixing VCID-qgvy-hzsx-hkge https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:31:45.884046+00:00 Debian Importer Fixing VCID-4kd3-95cm-g3fc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:21:33.346290+00:00 Debian Importer Fixing VCID-wz6r-xzm9-m7hp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:07:06.838323+00:00 Debian Importer Fixing VCID-ukut-zyjx-93gq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:03:26.201077+00:00 Debian Importer Fixing VCID-dgwm-n1zx-qkbq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:53:29.152935+00:00 Debian Importer Fixing VCID-kdwy-7p45-hbcs https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:23:45.540025+00:00 Debian Importer Fixing VCID-e7jk-vs8y-fyhr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.474894+00:00 Debian Importer Fixing VCID-4kd3-95cm-g3fc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.407486+00:00 Debian Importer Fixing VCID-4bw1-v6ze-kbds https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.342717+00:00 Debian Importer Fixing VCID-wz6r-xzm9-m7hp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.277266+00:00 Debian Importer Fixing VCID-962a-dwqf-3ycg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.211372+00:00 Debian Importer Fixing VCID-kdwy-7p45-hbcs https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.145587+00:00 Debian Importer Fixing VCID-qgvy-hzsx-hkge https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.080230+00:00 Debian Importer Fixing VCID-ukut-zyjx-93gq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:23:45.013944+00:00 Debian Importer Fixing VCID-dgwm-n1zx-qkbq https://security-tracker.debian.org/tracker/data/json 38.1.0