Nixpkgs security tracker
9.8 CRITICAL
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created suggestion
Mitigation bypass in the DOM: Security component
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
References
Affected products
- =<140.*
- =<*
- =<140.*
- =<*
Matching in nixpkgs
pkgs.firefoxpwa
None
pkgs.faust2firefox
The faust2firefox script, part of faust functional programming language for realtime audio signal processing
pkgs.firefox_decrypt
Tool to extract passwords from profiles of Mozilla Firefox and derivates
pkgs.thunderbird-mcp
MCP server for Thunderbird - enables AI assistants to access email, contacts, and calendars
pkgs.pkgsRocm.firefox
Web browser built from Firefox source tree
pkgs.firefox-unwrapped
Web browser built from Firefox source tree
pkgs.firefox-gnome-theme
GNOME theme for Firefox
pkgs.firefox-sync-client
Commandline-utility to list/view/edit/delete entries in a firefox-sync account
pkgs.pkgsRocm.firefoxpwa
Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)
pkgs.firefoxpwa-unwrapped
Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)
pkgs.pkgsRocm.thunderbird
Full-featured e-mail client
pkgs.firefox-esr-unwrapped
Web browser built from Firefox source tree
-
nixos-unstable 140.9.1esr
- nixpkgs-unstable 140.9.1esr
- nixos-unstable-small 140.9.1esr
pkgs.pkgsRocm.firefox-beta
Web browser built from Firefox Beta Release source tree
pkgs.thunderbird-unwrapped
Full-featured e-mail client
pkgs.firefox-beta-unwrapped
Web browser built from Firefox Beta Release source tree
pkgs.pkgsRocm.firefox-mobile
Web browser built from Firefox source tree
pkgs.firefox-esr-140-unwrapped
Web browser built from Firefox source tree
-
nixos-unstable 140.9.1esr
- nixpkgs-unstable 140.9.1esr
- nixos-unstable-small 140.9.1esr
pkgs.thunderbird-140-unwrapped
Full-featured e-mail client
-
nixos-unstable 140.7.2esr
- nixpkgs-unstable 140.7.2esr
- nixos-unstable-small 140.7.2esr
pkgs.thunderbird-esr-unwrapped
Full-featured e-mail client
-
nixos-unstable 140.7.2esr
- nixpkgs-unstable 140.7.2esr
- nixos-unstable-small 140.7.2esr
pkgs.pkgsRocm.firefox-unwrapped
Web browser built from Firefox source tree
pkgs.pkgsRocm.firefox-devedition
Web browser built from Firefox Developer Edition source tree
pkgs.pkgsRocm.thunderbird-latest
Full-featured e-mail client
pkgs.firefox-devedition-unwrapped
Web browser built from Firefox Developer Edition source tree
pkgs.thunderbird-latest-unwrapped
Full-featured e-mail client
pkgs.pkgsRocm.thunderbird-unwrapped
Full-featured e-mail client
pkgs.pkgsRocm.firefox-beta-unwrapped
Web browser built from Firefox Beta Release source tree
pkgs.thunderbirdPackages.thunderbird
Full-featured e-mail client
pkgs.gnomeExtensions.firefox-profiles
Easily launch Firefox with your favorite profile right from the indicator menu!
pkgs.roundcubePlugins.thunderbird_labels
None
pkgs.thunderbirdPackages.thunderbird-140
Full-featured e-mail client
-
nixos-unstable 140.7.2esr
- nixpkgs-unstable 140.7.2esr
- nixos-unstable-small 140.7.2esr
pkgs.thunderbirdPackages.thunderbird-esr
Full-featured e-mail client
-
nixos-unstable 140.7.2esr
- nixpkgs-unstable 140.7.2esr
- nixos-unstable-small 140.7.2esr
pkgs.pkgsRocm.firefox-devedition-unwrapped
Web browser built from Firefox Developer Edition source tree
pkgs.pkgsRocm.thunderbird-latest-unwrapped
Full-featured e-mail client
pkgs.thunderbirdPackages.thunderbird-latest
Full-featured e-mail client
pkgs.pkgsRocm.thunderbirdPackages.thunderbird
Full-featured e-mail client
pkgs.gnomeExtensions.firefox-pip-always-on-top
Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces
pkgs.gnomeExtensions.pip-alwaysontop-for-firefox
Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.
pkgs.pkgsRocm.thunderbirdPackages.thunderbird-latest
Full-featured e-mail client
pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug
Visual Studio Code extension for debugging web applications and browser extensions in Firefox
Package maintainers
-
@pmahoney Patrick Mahoney <pat@polycrystal.org>
-
@magnetophon Bart Brouns <bart@magnetophon.nl>
-
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
-
@rhendric Ryan Hendrickson
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@nekowinston winston <hey@winston.sh>
-
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
-
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>
-
@unode Renato Alves <alves.rjc@gmail.com>
-
@schnusch schnusch
-
@honnip Jung seungwoo <me@honnip.page>
-
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
-
@camillemndn Camille M. <camillemondon@free.fr>
-
@nbp Nicolas B. Pierron <nixos@nbp.name>
-
@vcunat Vladimír Čunát <v@cunat.cz>
-
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
-
@felschr Felix Schröter <dev@felschr.com>
-
@drupol Pol Dellaiera <pol.dellaiera@protonmail.com>