Search for packages
| purl | pkg:rpm/redhat/firefox@52.1.0-2?arch=el7_3 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1asm-t31q-w3ef
Aliases: CVE-2017-5455 |
The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. | There are no reported fixed by versions. |
|
VCID-23bx-as83-e3bv
Aliases: CVE-2017-5435 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-2j7g-g6dj-qydb
Aliases: CVE-2017-5466 |
If a page is loaded from an original site through a hyperlink and contains a redirect to a data:text/html URL, triggering a reload will run the reloaded data:text/html page with its origin set incorrectly. This allows for a cross-site scripting (XSS) attack. | There are no reported fixed by versions. |
|
VCID-2t1r-58sq-3uaf
Aliases: CVE-2016-10195 |
Multiple vulnerabilities have been found in libevent, the worst of which allows remote attackers to execute arbitrary code. | There are no reported fixed by versions. |
|
VCID-3315-b7du-kydm
Aliases: CVE-2017-5448 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-3ega-m6fz-uugy
Aliases: CVE-2017-5464 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-4n3b-syg9-ykh9
Aliases: CVE-2017-5446 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-54vr-pby9-ffg7
Aliases: CVE-2017-5459 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-6p3q-f7f6-mygv
Aliases: CVE-2017-5430 |
Mozilla developers and community members Christian Holler, Jon Coppeard, Milan Sreckovic, Tyson Smith, Ronald Crane, Randell Jesup, Philipp, Tooru Fujisawa, and Kan-Ru Chen reported memory safety bugs present in Firefox 52 and Firefox ESR 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. | There are no reported fixed by versions. |
|
VCID-6sun-2gu6-jqh7
Aliases: CVE-2017-5434 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-77xw-dvy5-5uch
Aliases: CVE-2017-5445 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-79kw-syxy-n7a1
Aliases: CVE-2017-5447 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-8frm-8p43-pyh8
Aliases: CVE-2017-5442 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-8wgm-j522-4yac
Aliases: CVE-2017-5436 |
An out-of-bounds write in Graphite might allow remote attackers to execute arbitrary code. | There are no reported fixed by versions. |
|
VCID-c11z-6f9c-3bb5
Aliases: CVE-2017-5451 |
A mechanism to spoof the addressbar through the user interaction on the addressbar and the onblur event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. | There are no reported fixed by versions. |
|
VCID-dsuj-fmtr-cbft
Aliases: CVE-2017-5432 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-e43t-3b7n-c3bj
Aliases: CVE-2017-5454 |
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. | There are no reported fixed by versions. |
|
VCID-f5dh-8kx7-vbfq
Aliases: CVE-2017-5441 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-f9dc-n2bd-gqdt
Aliases: CVE-2017-5449 |
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. | There are no reported fixed by versions. |
|
VCID-h2zq-ubdu-sqc8
Aliases: CVE-2017-5443 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-hq7v-u57f-5uhc
Aliases: CVE-2017-5456 |
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. | There are no reported fixed by versions. |
|
VCID-hthe-t85x-13gz
Aliases: CVE-2017-5465 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-jzb7-dve8-jygb
Aliases: CVE-2017-5438 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-pp4w-2986-nqee
Aliases: CVE-2017-5467 |
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. | There are no reported fixed by versions. |
|
VCID-q72b-g1hz-23fs
Aliases: CVE-2017-5429 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-ru7n-21qs-eyfx
Aliases: CVE-2017-5469 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-tt4e-ufku-2yek
Aliases: CVE-2016-10196 |
Multiple vulnerabilities have been found in libevent, the worst of which allows remote attackers to execute arbitrary code. | There are no reported fixed by versions. |
|
VCID-wwx8-enxs-subd
Aliases: CVE-2016-10197 |
Multiple vulnerabilities have been found in libevent, the worst of which allows remote attackers to execute arbitrary code. | There are no reported fixed by versions. |
|
VCID-y2dd-vp7y-5ka1
Aliases: CVE-2017-5444 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-yaew-dtry-pkfv
Aliases: CVE-2017-5433 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-z4hp-wpp1-17bu
Aliases: CVE-2017-5460 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-zr38-6kvs-ckdh
Aliases: CVE-2017-5440 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
|
VCID-zyxf-mxw2-4yc1
Aliases: CVE-2017-5439 |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||