Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-32214 (GCVE-0-2023-32214)
Vulnerability from cvelistv5 – Published: 2023-06-19 09:38 – Updated: 2025-05-27 16:53
VLAI?
EPSS
Summary
Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.
*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Severity ?
No CVSS data available.
CWE
- Potential DoS via exposed protocol handlers
Assigner
References
6 references
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mozilla | Firefox |
Affected:
unspecified , < 113
(custom)
|
|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 102.11
(custom)
|
|
| Mozilla | Thunderbird |
Affected:
unspecified , < 102.11
(custom)
|
Credits
Edward Prior
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-16/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-17/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-18/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-03"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "113",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "102.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Edward Prior"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Protocol handlers \u003ccode\u003ems-cxh\u003c/code\u003e and \u003ccode\u003ems-cxh-full\u003c/code\u003e could have been leveraged to trigger a denial of service.\u003cbr\u003e*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11."
}
],
"value": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential DoS via exposed protocol handlers",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T16:53:14.473Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716"
},
{
"url": "https://security.gentoo.org/glsa/202312-03"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-16/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-17/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-18/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-32214",
"datePublished": "2023-06-19T09:38:56.644Z",
"dateReserved": "2023-05-04T16:11:54.244Z",
"dateUpdated": "2025-05-27T16:53:14.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-32214",
"date": "2026-05-20",
"epss": "0.00244",
"percentile": "0.47707"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"113.0\", \"matchCriteriaId\": \"D953B9B0-5231-4517-BCDC-2120FBE1B9F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"102.11\", \"matchCriteriaId\": \"6487CCA9-C946-4313-A93A-350828389D8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"102.11\", \"matchCriteriaId\": \"8AD4D2C8-87C4-4E70-8499-2C6E3892DFC0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.\"}]",
"id": "CVE-2023-32214",
"lastModified": "2024-11-21T08:02:54.970",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-06-19T10:15:09.613",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1828716\", \"source\": \"security@mozilla.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-03\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"security@mozilla.org\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-16/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-17/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-18/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1828716\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-03\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-16/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-17/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-18/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-32214\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-06-19T10:15:09.613\",\"lastModified\":\"2024-11-21T08:02:54.970\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"113.0\",\"matchCriteriaId\":\"D953B9B0-5231-4517-BCDC-2120FBE1B9F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"102.11\",\"matchCriteriaId\":\"6487CCA9-C946-4313-A93A-350828389D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"102.11\",\"matchCriteriaId\":\"8AD4D2C8-87C4-4E70-8499-2C6E3892DFC0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1828716\",\"source\":\"security@mozilla.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-03\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-16/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-17/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-18/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1828716\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202312-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-16/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-17/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-18/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2023-AVI-0365
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Mozilla Firefox. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 113",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 102.11",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-32209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32209"
},
{
"name": "CVE-2023-32210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32210"
},
{
"name": "CVE-2023-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32208"
},
{
"name": "CVE-2023-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32205"
},
{
"name": "CVE-2023-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32214"
},
{
"name": "CVE-2023-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32215"
},
{
"name": "CVE-2023-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32212"
},
{
"name": "CVE-2023-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32213"
},
{
"name": "CVE-2023-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32207"
},
{
"name": "CVE-2023-32211",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32211"
},
{
"name": "CVE-2023-32216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32216"
},
{
"name": "CVE-2023-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32206"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0365",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans\u003cspan\nclass=\"textit\"\u003e Mozilla Firefox\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mozilla Firefox",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-16 du 09 mai 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-17 du 09 mai 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/"
}
]
}
CERTFR-2023-AVI-0375
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 102.11 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 102.11",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32205"
},
{
"name": "CVE-2023-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32214"
},
{
"name": "CVE-2023-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32215"
},
{
"name": "CVE-2023-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32212"
},
{
"name": "CVE-2023-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32213"
},
{
"name": "CVE-2023-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32207"
},
{
"name": "CVE-2023-32211",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32211"
},
{
"name": "CVE-2023-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32206"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0375",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eMozilla\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Thunderbird",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-18 du 10 mai 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-18/"
}
]
}
CERTFR-2023-AVI-0365
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Mozilla Firefox. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 113",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 102.11",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-32209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32209"
},
{
"name": "CVE-2023-32210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32210"
},
{
"name": "CVE-2023-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32208"
},
{
"name": "CVE-2023-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32205"
},
{
"name": "CVE-2023-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32214"
},
{
"name": "CVE-2023-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32215"
},
{
"name": "CVE-2023-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32212"
},
{
"name": "CVE-2023-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32213"
},
{
"name": "CVE-2023-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32207"
},
{
"name": "CVE-2023-32211",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32211"
},
{
"name": "CVE-2023-32216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32216"
},
{
"name": "CVE-2023-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32206"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0365",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans\u003cspan\nclass=\"textit\"\u003e Mozilla Firefox\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Mozilla Firefox",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-16 du 09 mai 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-17 du 09 mai 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/"
}
]
}
CERTFR-2023-AVI-0375
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 102.11 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 102.11",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32205"
},
{
"name": "CVE-2023-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32214"
},
{
"name": "CVE-2023-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32215"
},
{
"name": "CVE-2023-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32212"
},
{
"name": "CVE-2023-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32213"
},
{
"name": "CVE-2023-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32207"
},
{
"name": "CVE-2023-32211",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32211"
},
{
"name": "CVE-2023-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32206"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0375",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eMozilla\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Thunderbird",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-18 du 10 mai 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-18/"
}
]
}
BDU:2023-02810
Vulnerability from fstec - Published: 09.05.2023
VLAI Severity ?
Title
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, существующая из-за некорректной работы обработчиков ms-cxh и ms-cxh-ful, позволяющая нарушителю вызвать аварийное завершение работы приложения
Description
Уязвимость браузеров Firefox и Firefox ESR и почтового клиента Thunderbird существует из-за некорректной работы обработчиков ms-cxh и ms-cxh-ful. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать аварийное завершение работы приложения с помощью специально созданного веб-сайта
Severity ?
Vendor
Novell Inc., Сообщество свободного программного обеспечения, ООО «Ред Софт», АО «ИВК», Mozilla Corp.
Software Name
Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), OpenSUSE Leap, Альт 8 СП (запись в едином реестре российских программ №4305), SUSE Linux Enterprise Module for SAP Applications, Firefox ESR, Firefox, Thunderbird, АЛЬТ СП 10
Software Version
12 SP4 (Suse Linux Enterprise Desktop), 12 SP2 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (Suse Linux Enterprise Server), 12 SP4 (Suse Linux Enterprise Server), 11 SP4 (Suse Linux Enterprise Server), 12 SP2-BCL (Suse Linux Enterprise Server), 11 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP1 (SUSE Linux Enterprise Server for SAP Applications), 15 (SUSE Linux Enterprise Server for SAP Applications), 15 SP1 (SUSE Linux Enterprise Server for SAP Applications), 12 SP1-LTSS (Suse Linux Enterprise Server), 12 SP2-LTSS (Suse Linux Enterprise Server), 12 SP3-LTSS (Suse Linux Enterprise Server), 12 SP3-BCL (Suse Linux Enterprise Server), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 11 SP3-LTSS (Suse Linux Enterprise Server), 10 (Debian GNU/Linux), 12 SP3-ESPOS (Suse Linux Enterprise Server), 15-LTSS (Suse Linux Enterprise Server), 12 SP1 (Suse Linux Enterprise Server), 11 SP4 (Suse Linux Enterprise Desktop), 11 SP3 (Suse Linux Enterprise Server), 12 SP4-ESPOS (Suse Linux Enterprise Server), 12 SP4-LTSS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 7.3 (РЕД ОС), 15.4 (OpenSUSE Leap), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 15 SP3 (Suse Linux Enterprise Desktop), 15 SP2 (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Server for SAP Applications), - (Альт 8 СП), 15 SP4 (Suse Linux Enterprise Server), 15 SP2 (Suse Linux Enterprise Desktop), 15 SP4 (Suse Linux Enterprise Desktop), 15 (Suse Linux Enterprise Server), 15 SP2-BCL (Suse Linux Enterprise Server), 15 SP2-LTSS (Suse Linux Enterprise Server), 15 SP1 (Suse Linux Enterprise Desktop), 15 (Suse Linux Enterprise Desktop), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-BCL (Suse Linux Enterprise Server), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP4 (SUSE Linux Enterprise Module for SAP Applications), до 102.11 (Firefox ESR), до 102.11 (Firefox), до 102.11 (Thunderbird), - (АЛЬТ СП 10)
Possible Mitigations
Использование рекомендаций:
Для программных продуктов Mozilla Corp.:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-18/
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для программных продуктов Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2023-32214
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2023-32214.html
Для Альт 8 СП:
https://cve.basealt.ru/report-13062023-c9f2.html
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для ОС АЛЬТ СП 10: установка обновления из публичного репозитория программного средства
Reference
https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-18/
https://www.cybersecurity-help.cz/vdb/SB2023050974
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://redos.red-soft.ru/support/secure/
https://security-tracker.debian.org/tracker/CVE-2023-32214
https://www.suse.com/security/cve/CVE-2023-32214.html
https://cve.basealt.ru/report-13062023-c9f2.html
https://altsp.su/obnovleniya-bezopasnosti/
https://altsp.su/obnovleniya-bezopasnosti/
https://altsp.su/obnovleniya-bezopasnosti/
CWE
CWE-939
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Mozilla Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "12 SP4 (Suse Linux Enterprise Desktop), 12 SP2 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (Suse Linux Enterprise Server), 12 SP4 (Suse Linux Enterprise Server), 11 SP4 (Suse Linux Enterprise Server), 12 SP2-BCL (Suse Linux Enterprise Server), 11 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP1 (SUSE Linux Enterprise Server for SAP Applications), 15 (SUSE Linux Enterprise Server for SAP Applications), 15 SP1 (SUSE Linux Enterprise Server for SAP Applications), 12 SP1-LTSS (Suse Linux Enterprise Server), 12 SP2-LTSS (Suse Linux Enterprise Server), 12 SP3-LTSS (Suse Linux Enterprise Server), 12 SP3-BCL (Suse Linux Enterprise Server), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 11 SP3-LTSS (Suse Linux Enterprise Server), 10 (Debian GNU/Linux), 12 SP3-ESPOS (Suse Linux Enterprise Server), 15-LTSS (Suse Linux Enterprise Server), 12 SP1 (Suse Linux Enterprise Server), 11 SP4 (Suse Linux Enterprise Desktop), 11 SP3 (Suse Linux Enterprise Server), 12 SP4-ESPOS (Suse Linux Enterprise Server), 12 SP4-LTSS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15 SP1 (Suse Linux Enterprise Server), 11 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 15.4 (OpenSUSE Leap), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 15 SP3 (Suse Linux Enterprise Desktop), 15 SP2 (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Server for SAP Applications), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 15 SP4 (Suse Linux Enterprise Server), 15 SP2 (Suse Linux Enterprise Desktop), 15 SP4 (Suse Linux Enterprise Desktop), 15 (Suse Linux Enterprise Server), 15 SP2-BCL (Suse Linux Enterprise Server), 15 SP2-LTSS (Suse Linux Enterprise Server), 15 SP1 (Suse Linux Enterprise Desktop), 15 (Suse Linux Enterprise Desktop), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-BCL (Suse Linux Enterprise Server), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP4 (SUSE Linux Enterprise Module for SAP Applications), \u0434\u043e 102.11 (Firefox ESR), \u0434\u043e 102.11 (Firefox), \u0434\u043e 102.11 (Thunderbird), - (\u0410\u041b\u042c\u0422 \u0421\u041f 10)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Mozilla Corp.:\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-17/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-16/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-18/\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-32214\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2023-32214.html\n\n\u0414\u043b\u044f \u0410\u043b\u044c\u0442 8 \u0421\u041f:\nhttps://cve.basealt.ru/report-13062023-c9f2.html\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u041b\u042c\u0422 \u0421\u041f 10: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.05.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.10.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.05.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-02810",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-32214",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), OpenSUSE Leap, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), SUSE Linux Enterprise Module for SAP Applications, Firefox ESR, Firefox, Thunderbird, \u0410\u041b\u042c\u0422 \u0421\u041f 10",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. Suse Linux Enterprise Desktop 12 SP4 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4 , Novell Inc. Suse Linux Enterprise Server 12 SP3 , Novell Inc. Suse Linux Enterprise Server 12 SP4 , Novell Inc. Suse Linux Enterprise Server 11 SP4 , Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 11 SP4 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP1 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP1 , Novell Inc. Suse Linux Enterprise Server 12 SP1-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-BCL , Novell Inc. Suse Linux Enterprise Server 12 SP5 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP5 , Novell Inc. Suse Linux Enterprise Server 11 SP3-LTSS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Novell Inc. Suse Linux Enterprise Server 12 SP3-ESPOS , Novell Inc. Suse Linux Enterprise Server 15-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP1 , Novell Inc. Suse Linux Enterprise Desktop 11 SP4 , Novell Inc. Suse Linux Enterprise Server 11 SP3 , Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS , Novell Inc. Suse Linux Enterprise Server 12 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Novell Inc. OpenSUSE Leap 15.4 , Novell Inc. Suse Linux Enterprise Server 15 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP3 , Novell Inc. Suse Linux Enterprise Desktop 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP2 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP2 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Novell Inc. Suse Linux Enterprise Server 15 SP4 , Novell Inc. Suse Linux Enterprise Desktop 15 SP2 , Novell Inc. Suse Linux Enterprise Desktop 15 SP4 , Novell Inc. Suse Linux Enterprise Server 15 , Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP2-LTSS , Novell Inc. Suse Linux Enterprise Desktop 15 SP1 , Novell Inc. Suse Linux Enterprise Desktop 15 , Novell Inc. Suse Linux Enterprise Server 15 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. Suse Linux Enterprise Desktop 15 SP5 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u041b\u042c\u0422 \u0421\u041f 10 - ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 Firefox \u0438 Firefox ESR \u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Thunderbird, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 ms-cxh \u0438 ms-cxh-ful, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u043e\u0439 URL-\u0441\u0445\u0435\u043c\u044b (CWE-939)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 Firefox \u0438 Firefox ESR \u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Thunderbird \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 ms-cxh \u0438 ms-cxh-ful. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-17/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-18/\nhttps://www.cybersecurity-help.cz/vdb/SB2023050974\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://redos.red-soft.ru/support/secure/\nhttps://security-tracker.debian.org/tracker/CVE-2023-32214\nhttps://www.suse.com/security/cve/CVE-2023-32214.html\nhttps://cve.basealt.ru/report-13062023-c9f2.html\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://altsp.su/obnovleniya-bezopasnosti/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-939",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,3)"
}
FKIE_CVE-2023-32214
Vulnerability from fkie_nvd - Published: 2023-06-19 10:15 - Updated: 2024-11-21 08:02
Severity ?
Summary
Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.
*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| mozilla | thunderbird | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D953B9B0-5231-4517-BCDC-2120FBE1B9F4",
"versionEndExcluding": "113.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6487CCA9-C946-4313-A93A-350828389D8F",
"versionEndExcluding": "102.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD4D2C8-87C4-4E70-8499-2C6E3892DFC0",
"versionEndExcluding": "102.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11."
}
],
"id": "CVE-2023-32214",
"lastModified": "2024-11-21T08:02:54.970",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-19T10:15:09.613",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716"
},
{
"source": "security@mozilla.org",
"url": "https://security.gentoo.org/glsa/202312-03"
},
{
"source": "security@mozilla.org",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-16/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-17/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-18/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202312-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-16/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-17/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-18/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-9CM9-63JC-G4WG
Vulnerability from github – Published: 2023-06-19 12:30 – Updated: 2023-12-20 09:30
VLAI?
Details
Protocol handlers ms-cxh and ms-cxh-full could have been leveraged to trigger a denial of service.
Note: This attack only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2023-32214"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-19T10:15:09Z",
"severity": "HIGH"
},
"details": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"id": "GHSA-9cm9-63jc-g4wg",
"modified": "2023-12-20T09:30:25Z",
"published": "2023-06-19T12:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32214"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202312-03"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-16"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-17"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-18"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-32214
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.
*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-32214",
"id": "GSD-2023-32214"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-32214"
],
"details": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"id": "GSD-2023-32214",
"modified": "2023-12-13T01:20:23.244858Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2023-32214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "113"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "102.11"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "102.11"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Edward Prior"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential DoS via exposed protocol handlers"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-16/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-17/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-17/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-18/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-18/"
},
{
"name": "https://security.gentoo.org/glsa/202312-03",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202312-03"
},
{
"name": "https://security.gentoo.org/glsa/202401-10",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D953B9B0-5231-4517-BCDC-2120FBE1B9F4",
"versionEndExcluding": "113.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6487CCA9-C946-4313-A93A-350828389D8F",
"versionEndExcluding": "102.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD4D2C8-87C4-4E70-8499-2C6E3892DFC0",
"versionEndExcluding": "102.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11."
}
],
"id": "CVE-2023-32214",
"lastModified": "2024-01-07T11:15:11.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-19T10:15:09.613",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828716"
},
{
"source": "security@mozilla.org",
"url": "https://security.gentoo.org/glsa/202312-03"
},
{
"source": "security@mozilla.org",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-16/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-17/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-18/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
OPENSUSE-SU-2024:12918-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libmozjs-102-0-102.11.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libmozjs-102-0-102.11.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the libmozjs-102-0-102.11.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12918
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
6.5 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
4.3 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.5 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libmozjs-102-0-102.11.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libmozjs-102-0-102.11.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12918",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12918-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32205 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32206 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32207 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32211 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32212 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32213 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32214 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32215 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32215/"
}
],
"title": "libmozjs-102-0-102.11.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12918-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.11.0-1.1.aarch64",
"product": {
"name": "libmozjs-102-0-102.11.0-1.1.aarch64",
"product_id": "libmozjs-102-0-102.11.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozjs102-102.11.0-1.1.aarch64",
"product": {
"name": "mozjs102-102.11.0-1.1.aarch64",
"product_id": "mozjs102-102.11.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.11.0-1.1.aarch64",
"product": {
"name": "mozjs102-devel-102.11.0-1.1.aarch64",
"product_id": "mozjs102-devel-102.11.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.11.0-1.1.ppc64le",
"product": {
"name": "libmozjs-102-0-102.11.0-1.1.ppc64le",
"product_id": "libmozjs-102-0-102.11.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozjs102-102.11.0-1.1.ppc64le",
"product": {
"name": "mozjs102-102.11.0-1.1.ppc64le",
"product_id": "mozjs102-102.11.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.11.0-1.1.ppc64le",
"product": {
"name": "mozjs102-devel-102.11.0-1.1.ppc64le",
"product_id": "mozjs102-devel-102.11.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.11.0-1.1.s390x",
"product": {
"name": "libmozjs-102-0-102.11.0-1.1.s390x",
"product_id": "libmozjs-102-0-102.11.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozjs102-102.11.0-1.1.s390x",
"product": {
"name": "mozjs102-102.11.0-1.1.s390x",
"product_id": "mozjs102-102.11.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.11.0-1.1.s390x",
"product": {
"name": "mozjs102-devel-102.11.0-1.1.s390x",
"product_id": "mozjs102-devel-102.11.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmozjs-102-0-102.11.0-1.1.x86_64",
"product": {
"name": "libmozjs-102-0-102.11.0-1.1.x86_64",
"product_id": "libmozjs-102-0-102.11.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozjs102-102.11.0-1.1.x86_64",
"product": {
"name": "mozjs102-102.11.0-1.1.x86_64",
"product_id": "mozjs102-102.11.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mozjs102-devel-102.11.0-1.1.x86_64",
"product": {
"name": "mozjs102-devel-102.11.0-1.1.x86_64",
"product_id": "mozjs102-devel-102.11.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.11.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64"
},
"product_reference": "libmozjs-102-0-102.11.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.11.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le"
},
"product_reference": "libmozjs-102-0-102.11.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.11.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x"
},
"product_reference": "libmozjs-102-0-102.11.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmozjs-102-0-102.11.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64"
},
"product_reference": "libmozjs-102-0-102.11.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.11.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64"
},
"product_reference": "mozjs102-102.11.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.11.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le"
},
"product_reference": "mozjs102-102.11.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.11.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x"
},
"product_reference": "mozjs102-102.11.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-102.11.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64"
},
"product_reference": "mozjs102-102.11.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.11.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64"
},
"product_reference": "mozjs102-devel-102.11.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.11.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le"
},
"product_reference": "mozjs102-devel-102.11.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.11.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x"
},
"product_reference": "mozjs102-devel-102.11.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mozjs102-devel-102.11.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
},
"product_reference": "mozjs102-devel-102.11.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-32205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32205"
}
],
"notes": [
{
"category": "general",
"text": "In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32205",
"url": "https://www.suse.com/security/cve/CVE-2023-32205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32205"
},
{
"cve": "CVE-2023-32206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32206"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32206",
"url": "https://www.suse.com/security/cve/CVE-2023-32206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32206"
},
{
"cve": "CVE-2023-32207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32207"
}
],
"notes": [
{
"category": "general",
"text": "A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32207",
"url": "https://www.suse.com/security/cve/CVE-2023-32207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32207"
},
{
"cve": "CVE-2023-32211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32211"
}
],
"notes": [
{
"category": "general",
"text": "A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32211",
"url": "https://www.suse.com/security/cve/CVE-2023-32211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32211"
},
{
"cve": "CVE-2023-32212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32212"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32212",
"url": "https://www.suse.com/security/cve/CVE-2023-32212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32212"
},
{
"cve": "CVE-2023-32213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32213"
}
],
"notes": [
{
"category": "general",
"text": "When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32213",
"url": "https://www.suse.com/security/cve/CVE-2023-32213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32213"
},
{
"cve": "CVE-2023-32214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32214"
}
],
"notes": [
{
"category": "general",
"text": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32214",
"url": "https://www.suse.com/security/cve/CVE-2023-32214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32214"
},
{
"cve": "CVE-2023-32215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32215"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32215",
"url": "https://www.suse.com/security/cve/CVE-2023-32215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:libmozjs-102-0-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-102.11.0-1.1.x86_64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.aarch64",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.ppc64le",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.s390x",
"openSUSE Tumbleweed:mozjs102-devel-102.11.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32215"
}
]
}
OPENSUSE-SU-2024:12920-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-113.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaFirefox-113.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaFirefox-113.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12920
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-113.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-113.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12920",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12920-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32205 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32206 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32207 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32208 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32209 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32210 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32211 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32212 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32213 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32214 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32215 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-32216 page",
"url": "https://www.suse.com/security/cve/CVE-2023-32216/"
}
],
"title": "MozillaFirefox-113.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12920-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-113.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-113.0-1.1.aarch64",
"product_id": "MozillaFirefox-113.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-113.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-113.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-113.0-1.1.aarch64",
"product_id": "MozillaFirefox-devel-113.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-113.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-113.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-113.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-113.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-113.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-113.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-113.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-113.0-1.1.ppc64le",
"product_id": "MozillaFirefox-113.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-113.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-113.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-113.0-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-113.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-113.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-113.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-113.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-113.0-1.1.s390x",
"product_id": "MozillaFirefox-113.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-113.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-113.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-113.0-1.1.s390x",
"product_id": "MozillaFirefox-devel-113.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-113.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-113.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-113.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-113.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-113.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-113.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-113.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-113.0-1.1.x86_64",
"product_id": "MozillaFirefox-113.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-113.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-113.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-113.0-1.1.x86_64",
"product_id": "MozillaFirefox-devel-113.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-113.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-113.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-113.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-113.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-113.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-113.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-113.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-113.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-113.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-113.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-113.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-113.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-113.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-113.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-113.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-113.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-113.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-113.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-113.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-113.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-113.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-113.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-113.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-113.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-113.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-113.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-113.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-113.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-113.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-113.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-113.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-113.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-113.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-113.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-113.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-113.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-113.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-32205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32205"
}
],
"notes": [
{
"category": "general",
"text": "In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32205",
"url": "https://www.suse.com/security/cve/CVE-2023-32205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32205"
},
{
"cve": "CVE-2023-32206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32206"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32206",
"url": "https://www.suse.com/security/cve/CVE-2023-32206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32206"
},
{
"cve": "CVE-2023-32207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32207"
}
],
"notes": [
{
"category": "general",
"text": "A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32207",
"url": "https://www.suse.com/security/cve/CVE-2023-32207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32207"
},
{
"cve": "CVE-2023-32208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32208"
}
],
"notes": [
{
"category": "general",
"text": "Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox \u003c 113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32208",
"url": "https://www.suse.com/security/cve/CVE-2023-32208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-32208"
},
{
"cve": "CVE-2023-32209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32209"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox \u003c 113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32209",
"url": "https://www.suse.com/security/cve/CVE-2023-32209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-32209"
},
{
"cve": "CVE-2023-32210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32210"
}
],
"notes": [
{
"category": "general",
"text": "Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a higher privileged principal than intended. This vulnerability affects Firefox \u003c 113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32210",
"url": "https://www.suse.com/security/cve/CVE-2023-32210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-32210"
},
{
"cve": "CVE-2023-32211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32211"
}
],
"notes": [
{
"category": "general",
"text": "A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32211",
"url": "https://www.suse.com/security/cve/CVE-2023-32211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32211"
},
{
"cve": "CVE-2023-32212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32212"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32212",
"url": "https://www.suse.com/security/cve/CVE-2023-32212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32212"
},
{
"cve": "CVE-2023-32213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32213"
}
],
"notes": [
{
"category": "general",
"text": "When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32213",
"url": "https://www.suse.com/security/cve/CVE-2023-32213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32213"
},
{
"cve": "CVE-2023-32214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32214"
}
],
"notes": [
{
"category": "general",
"text": "Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service.\n*Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32214",
"url": "https://www.suse.com/security/cve/CVE-2023-32214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32214"
},
{
"cve": "CVE-2023-32215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32215"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 113, Firefox ESR \u003c 102.11, and Thunderbird \u003c 102.11.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32215",
"url": "https://www.suse.com/security/cve/CVE-2023-32215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32215"
},
{
"cve": "CVE-2023-32216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-32216"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-32216",
"url": "https://www.suse.com/security/cve/CVE-2023-32216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-113.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-113.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-32216"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…