Another five of the 28 flaws were reported by researchers working with HP TippingPoint's Zero Day Initiative (ZDI) bug-bounty program.
Mozilla also followed the lead set by Microsoft and Google last week, revoking a pair of digital certificates issued by a subsidiary of TurkTrust, a Turkish "certificate authority," or CA, in 2011.
"The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not legitimately own or control," Mozilla stated in an advisory accompanying Firefox 18's release.
Estimates last week by Web metrics company Net Applications put Firefox's usage share at 19.2%. Irish measurement firm StatCounter, however, said Firefox's global share was a slightly higher 21.9%.
The next version of Firefox is scheduled to ship Feb. 19, 2013.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed. His email address is firstname.lastname@example.org.
Read more about internet in Computerworld's Internet Topic Center.