VulnerableCode Package Details - pkg:alpm/archlinux/firefox@94.0.2-2

Search for packages

Package details: pkg:alpm/archlinux/firefox@94.0.2-2

Essentials
History (43)

purl	pkg:alpm/archlinux/firefox@94.0.2-2

Next non-vulnerable version	95.0-1
Latest non-vulnerable version	101.0-1
Risk	4.0

Vulnerabilities affecting this package (11)

Vulnerability	Summary	Fixed by
VCID-4zuz-4gqa-aaaa Aliases: CVE-2021-43541	When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-592r-h29e-aaaa Aliases: CVE-2021-43538	By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-8kaa-wtcn-aaam Aliases: CVE-2021-43542	Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-b9cv-67uj-aaac Aliases: CVE-2021-43545	Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-bu1f-fjdb-aaas Aliases: CVE-2021-43536	Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-dgp7-325g-aaap Aliases: CVE-2021-43546	It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-j4au-z3br-aaae Aliases: CVE-2021-43540	WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-j9ej-swa8-aaab Aliases: CVE-2021-43543	Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-txw1-79x3-aaap Aliases: CVE-2021-43537	An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-wr44-t35s-aaar Aliases: CVE-2021-43544	When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.
VCID-zvxu-3qbb-aaad Aliases: CVE-2021-43539	Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.	95.0-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:24.668024+00:00	Arch Linux Importer	Affected by	VCID-wr44-t35s-aaar	https://security.archlinux.org/AVG-2607	36.0.0
2025-03-28T07:45:20.268191+00:00	Arch Linux Importer	Affected by	VCID-bu1f-fjdb-aaas	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.234761+00:00	Arch Linux Importer	Affected by	VCID-txw1-79x3-aaap	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.201432+00:00	Arch Linux Importer	Affected by	VCID-592r-h29e-aaaa	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.167370+00:00	Arch Linux Importer	Affected by	VCID-zvxu-3qbb-aaad	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.133601+00:00	Arch Linux Importer	Affected by	VCID-j4au-z3br-aaae	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.100497+00:00	Arch Linux Importer	Affected by	VCID-4zuz-4gqa-aaaa	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.065949+00:00	Arch Linux Importer	Affected by	VCID-8kaa-wtcn-aaam	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.045481+00:00	Arch Linux Importer	Affected by	VCID-j9ej-swa8-aaab	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.024930+00:00	Arch Linux Importer	Affected by	VCID-b9cv-67uj-aaac	https://security.archlinux.org/AVG-2606	36.0.0
2025-03-28T07:45:20.004651+00:00	Arch Linux Importer	Affected by	VCID-dgp7-325g-aaap	https://security.archlinux.org/AVG-2606	36.0.0
2024-09-18T02:01:39.981011+00:00	Arch Linux Importer	Affected by	VCID-wr44-t35s-aaar	https://security.archlinux.org/AVG-2607	34.0.1
2024-09-18T02:00:16.259659+00:00	Arch Linux Importer	Affected by	VCID-bu1f-fjdb-aaas	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.233245+00:00	Arch Linux Importer	Affected by	VCID-txw1-79x3-aaap	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.208939+00:00	Arch Linux Importer	Affected by	VCID-592r-h29e-aaaa	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.177482+00:00	Arch Linux Importer	Affected by	VCID-zvxu-3qbb-aaad	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.145374+00:00	Arch Linux Importer	Affected by	VCID-j4au-z3br-aaae	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.118326+00:00	Arch Linux Importer	Affected by	VCID-4zuz-4gqa-aaaa	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.094402+00:00	Arch Linux Importer	Affected by	VCID-8kaa-wtcn-aaam	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.071065+00:00	Arch Linux Importer	Affected by	VCID-j9ej-swa8-aaab	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.045934+00:00	Arch Linux Importer	Affected by	VCID-b9cv-67uj-aaac	https://security.archlinux.org/AVG-2606	34.0.1
2024-09-18T02:00:16.018527+00:00	Arch Linux Importer	Affected by	VCID-dgp7-325g-aaap	https://security.archlinux.org/AVG-2606	34.0.1
2024-01-20T12:06:28.472889+00:00	Arch Linux Importer	Affected by	VCID-bu1f-fjdb-aaas	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.450869+00:00	Arch Linux Importer	Affected by	VCID-txw1-79x3-aaap	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.428837+00:00	Arch Linux Importer	Affected by	VCID-592r-h29e-aaaa	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.406783+00:00	Arch Linux Importer	Affected by	VCID-zvxu-3qbb-aaad	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.384708+00:00	Arch Linux Importer	Affected by	VCID-j4au-z3br-aaae	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.362546+00:00	Arch Linux Importer	Affected by	VCID-4zuz-4gqa-aaaa	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.340692+00:00	Arch Linux Importer	Affected by	VCID-8kaa-wtcn-aaam	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.318663+00:00	Arch Linux Importer	Affected by	VCID-j9ej-swa8-aaab	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.296653+00:00	Arch Linux Importer	Affected by	VCID-b9cv-67uj-aaac	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-20T12:06:28.274187+00:00	Arch Linux Importer	Affected by	VCID-dgp7-325g-aaap	https://security.archlinux.org/AVG-2606	34.0.0rc2
2024-01-03T22:27:46.358905+00:00	Arch Linux Importer	Affected by	VCID-wr44-t35s-aaar	https://security.archlinux.org/AVG-2607	34.0.0rc1
2024-01-03T22:26:30.684079+00:00	Arch Linux Importer	Affected by	VCID-bu1f-fjdb-aaas	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.660055+00:00	Arch Linux Importer	Affected by	VCID-txw1-79x3-aaap	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.633602+00:00	Arch Linux Importer	Affected by	VCID-592r-h29e-aaaa	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.609677+00:00	Arch Linux Importer	Affected by	VCID-zvxu-3qbb-aaad	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.583365+00:00	Arch Linux Importer	Affected by	VCID-j4au-z3br-aaae	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.556757+00:00	Arch Linux Importer	Affected by	VCID-4zuz-4gqa-aaaa	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.532846+00:00	Arch Linux Importer	Affected by	VCID-8kaa-wtcn-aaam	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.508907+00:00	Arch Linux Importer	Affected by	VCID-j9ej-swa8-aaab	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.487618+00:00	Arch Linux Importer	Affected by	VCID-b9cv-67uj-aaac	https://security.archlinux.org/AVG-2606	34.0.0rc1
2024-01-03T22:26:30.464765+00:00	Arch Linux Importer	Affected by	VCID-dgp7-325g-aaap	https://security.archlinux.org/AVG-2606	34.0.0rc1