8.8 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
by @mweinelt Activity log
- Created automatic suggestion
-
@mweinelt
removed
21 packages
- firefoxpwa
- faust2firefox
- firefox_decrypt
- pkgsRocm.firefox
- firefox-gnome-theme
- firefox-sync-client
- pkgsRocm.firefoxpwa
- firefox-esr-unwrapped
- pkgsRocm.firefox-beta
- firefox-beta-unwrapped
- pkgsRocm.firefox-mobile
- firefox-esr-140-unwrapped
- pkgsRocm.firefox-unwrapped
- pkgsRocm.firefox-devedition
- firefox-devedition-unwrapped
- pkgsRocm.firefox-beta-unwrapped
- gnomeExtensions.firefox-profiles
- pkgsRocm.firefox-devedition-unwrapped
- gnomeExtensions.firefox-pip-always-on-top
- gnomeExtensions.pip-alwaysontop-for-firefox
- vscode-extensions.firefox-devtools.vscode-firefox-debug
- @mweinelt dismissed
Memory safety bugs fixed in Firefox 148.0.2
Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148.0.2.
References
Affected products
- <148.0.2
Matching in nixpkgs
Ignored packages (21)
pkgs.firefoxpwa
Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)
pkgs.faust2firefox
The faust2firefox script, part of faust functional programming language for realtime audio signal processing
pkgs.firefox_decrypt
Tool to extract passwords from profiles of Mozilla Firefox and derivates
pkgs.pkgsRocm.firefox
Web browser built from Firefox source tree
pkgs.firefox-gnome-theme
GNOME theme for Firefox
pkgs.firefox-sync-client
Commandline-utility to list/view/edit/delete entries in a firefox-sync account.
pkgs.pkgsRocm.firefoxpwa
Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)
pkgs.firefox-esr-unwrapped
Web browser built from Firefox source tree
-
nixos-unstable 140.8.0esr
- nixpkgs-unstable 140.8.0esr
- nixos-unstable-small 140.8.0esr
-
nixos-25.11 140.8.0esr
- nixos-25.11-small 140.8.0esr
- nixpkgs-25.11-darwin 140.8.0esr
pkgs.pkgsRocm.firefox-beta
Web browser built from Firefox Beta Release source tree
pkgs.firefox-beta-unwrapped
Web browser built from Firefox Beta Release source tree
pkgs.pkgsRocm.firefox-mobile
Web browser built from Firefox source tree
pkgs.firefox-esr-140-unwrapped
Web browser built from Firefox source tree
-
nixos-unstable 140.8.0esr
- nixpkgs-unstable 140.8.0esr
- nixos-unstable-small 140.8.0esr
-
nixos-25.11 140.8.0esr
- nixos-25.11-small 140.8.0esr
- nixpkgs-25.11-darwin 140.8.0esr
pkgs.pkgsRocm.firefox-unwrapped
Web browser built from Firefox source tree
pkgs.pkgsRocm.firefox-devedition
Web browser built from Firefox Developer Edition source tree
pkgs.firefox-devedition-unwrapped
Web browser built from Firefox Developer Edition source tree
pkgs.pkgsRocm.firefox-beta-unwrapped
Web browser built from Firefox Beta Release source tree
pkgs.gnomeExtensions.firefox-profiles
Easily launch Firefox with your favorite profile right from the indicator menu!
pkgs.pkgsRocm.firefox-devedition-unwrapped
Web browser built from Firefox Developer Edition source tree
pkgs.gnomeExtensions.firefox-pip-always-on-top
Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces
pkgs.gnomeExtensions.pip-alwaysontop-for-firefox
Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.
pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug
Visual Studio Code extension for debugging web applications and browser extensions in Firefox
Package maintainers
-
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>