Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-29551 (GCVE-0-2023-29551)
Vulnerability from cvelistv5 – Published: 2023-06-02 00:00 – Updated: 2025-01-08 21:33
VLAI?
EPSS
Summary
Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Severity ?
8.8 (High)
CWE
- Memory safety bugs fixed in Firefox 112
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mozilla | Firefox for Android |
Affected:
unspecified , < 112
(custom)
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:38.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29551",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T21:31:50.521881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T21:33:07.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Firefox for Android",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "112",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "112",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Focus for Android",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "112",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory safety bugs fixed in Firefox 112",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-02T00:00:00",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-29551",
"datePublished": "2023-06-02T00:00:00",
"dateReserved": "2023-04-07T00:00:00",
"dateUpdated": "2025-01-08T21:33:07.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"112.0\", \"matchCriteriaId\": \"8C6578F4-B46C-473F-8A17-CA6026C32FBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*\", \"versionEndExcluding\": \"112.0\", \"matchCriteriaId\": \"216F0EFA-865A-45F5-B50F-B734312ED45D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:focus:*:*:*:*:*:android:*:*\", \"versionEndExcluding\": \"112.0\", \"matchCriteriaId\": \"296D52A2-6FE3-4667-AC75-D01A0043776F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.\"}]",
"id": "CVE-2023-29551",
"lastModified": "2025-01-08T22:15:27.373",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
"published": "2023-06-02T17:15:13.010",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\", \"Not Applicable\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Not Applicable\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-29551\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-06-02T17:15:13.010\",\"lastModified\":\"2025-01-08T22:15:27.373\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"112.0\",\"matchCriteriaId\":\"8C6578F4-B46C-473F-8A17-CA6026C32FBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*\",\"versionEndExcluding\":\"112.0\",\"matchCriteriaId\":\"216F0EFA-865A-45F5-B50F-B734312ED45D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:focus:*:*:*:*:*:android:*:*\",\"versionEndExcluding\":\"112.0\",\"matchCriteriaId\":\"296D52A2-6FE3-4667-AC75-D01A0043776F\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Not Applicable\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-13/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Not Applicable\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-13/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T14:14:38.985Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-29551\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-08T21:31:50.521881Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-08T21:32:33.705Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Mozilla\", \"product\": \"Firefox for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"112\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Firefox\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"112\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Mozilla\", \"product\": \"Focus for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"112\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-13/\"}, {\"url\": \"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Memory safety bugs fixed in Firefox 112\"}]}], \"providerMetadata\": {\"orgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"shortName\": \"mozilla\", \"dateUpdated\": \"2023-06-02T00:00:00\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-29551\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-08T21:33:07.415Z\", \"dateReserved\": \"2023-04-07T00:00:00\", \"assignerOrgId\": \"f16b083a-5664-49f3-a51e-8d479e5ed7fe\", \"datePublished\": \"2023-06-02T00:00:00\", \"assignerShortName\": \"mozilla\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0303
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 102.10 | ||
| Mozilla | Firefox | Firefox pour Android versions antérieures à 112 | ||
| Mozilla | N/A | Focus pour Android versions antérieures à 112 | ||
| Mozilla | Firefox | Firefox versions antérieures à 112 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 102.10 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Focus pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-29547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29547"
},
{
"name": "CVE-2023-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1945"
},
{
"name": "CVE-2023-29548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29548"
},
{
"name": "CVE-2023-29540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29540"
},
{
"name": "CVE-2023-0547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0547"
},
{
"name": "CVE-2023-29479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29479"
},
{
"name": "CVE-2023-29543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29543"
},
{
"name": "CVE-2023-29533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29533"
},
{
"name": "CVE-2023-29535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29535"
},
{
"name": "CVE-2023-29545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29545"
},
{
"name": "CVE-2023-29544",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29544"
},
{
"name": "CVE-2023-29549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29549"
},
{
"name": "CVE-2023-29541",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29541"
},
{
"name": "CVE-2023-29532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29532"
},
{
"name": "CVE-2023-29539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29539"
},
{
"name": "CVE-2023-29534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29534"
},
{
"name": "CVE-2023-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28163"
},
{
"name": "CVE-2023-29551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29551"
},
{
"name": "CVE-2023-29537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29537"
},
{
"name": "CVE-2023-29542",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29542"
},
{
"name": "CVE-2023-29550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29550"
},
{
"name": "CVE-2023-29538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29538"
},
{
"name": "CVE-2023-29536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29536"
},
{
"name": "CVE-2023-29546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29546"
},
{
"name": "CVE-2023-29531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29531"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0303",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": ""
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-13 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-14 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-15 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/"
}
]
}
CERTFR-2023-AVI-0303
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird | Thunderbird versions antérieures à 102.10 | ||
| Mozilla | Firefox | Firefox pour Android versions antérieures à 112 | ||
| Mozilla | N/A | Focus pour Android versions antérieures à 112 | ||
| Mozilla | Firefox | Firefox versions antérieures à 112 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 102.10 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Focus pour Android versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox versions ant\u00e9rieures \u00e0 112",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 102.10",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-29547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29547"
},
{
"name": "CVE-2023-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1945"
},
{
"name": "CVE-2023-29548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29548"
},
{
"name": "CVE-2023-29540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29540"
},
{
"name": "CVE-2023-0547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0547"
},
{
"name": "CVE-2023-29479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29479"
},
{
"name": "CVE-2023-29543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29543"
},
{
"name": "CVE-2023-29533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29533"
},
{
"name": "CVE-2023-29535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29535"
},
{
"name": "CVE-2023-29545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29545"
},
{
"name": "CVE-2023-29544",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29544"
},
{
"name": "CVE-2023-29549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29549"
},
{
"name": "CVE-2023-29541",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29541"
},
{
"name": "CVE-2023-29532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29532"
},
{
"name": "CVE-2023-29539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29539"
},
{
"name": "CVE-2023-29534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29534"
},
{
"name": "CVE-2023-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28163"
},
{
"name": "CVE-2023-29551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29551"
},
{
"name": "CVE-2023-29537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29537"
},
{
"name": "CVE-2023-29542",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29542"
},
{
"name": "CVE-2023-29550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29550"
},
{
"name": "CVE-2023-29538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29538"
},
{
"name": "CVE-2023-29536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29536"
},
{
"name": "CVE-2023-29546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29546"
},
{
"name": "CVE-2023-29531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29531"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-0303",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": ""
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-13 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-14 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-15 du 11 avril 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/"
}
]
}
GHSA-F53G-R2VW-FP5C
Vulnerability from github – Published: 2023-06-02 18:30 – Updated: 2024-04-04 04:30
VLAI?
Details
Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Severity ?
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2023-29551"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-02T17:15:13Z",
"severity": "HIGH"
},
"details": "Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"id": "GHSA-f53g-r2vw-fp5c",
"modified": "2024-04-04T04:30:52Z",
"published": "2023-06-02T18:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29551"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2023-29551
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-29551",
"id": "GSD-2023-29551"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-29551"
],
"details": "Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"id": "GSD-2023-29551",
"modified": "2023-12-13T01:20:56.846440Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2023-29551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox for Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "112"
}
]
}
},
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "112"
}
]
}
},
{
"product_name": "Focus for Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "112"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 112"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-13/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:focus:*:*:*:*:*:android:*:*",
"cpe_name": [],
"versionEndExcluding": "112.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*",
"cpe_name": [],
"versionEndExcluding": "112.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "112.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2023-29551"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-13/",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-13/"
},
{
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Not Applicable"
],
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-06-09T03:56Z",
"publishedDate": "2023-06-02T17:15Z"
}
}
}
WID-SEC-W-2023-0941
Vulnerability from csaf_certbund - Published: 2023-04-11 22:00 - Updated: 2023-09-27 22:00Summary
Mozilla Firefox und Thunderbird: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Firefox ist ein Open Source Web Browser.
ESR ist die Variante mit verlängertem Support.
Thunderbird ist ein Open Source E-Mail Client.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuführen, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen.
Betroffene Betriebssysteme
- UNIX
- Linux
- MacOS X
- Windows
- Android
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Firefox ist ein Open Source Web Browser. \r\nESR ist die Variante mit verl\u00e4ngertem Support.\r\nThunderbird ist ein Open Source E-Mail Client.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Android",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0941 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0941.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0941 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0941"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASFIREFOX-2023-006 vom 2023-09-27",
"url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-006.html"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-010 vom 2023-06-21",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2023/06/Xerox-Security-Bulletin-XRX23-010-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v2_Windows%C2%AE-10.pdf"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202305-36 vom 2023-05-30",
"url": "https://security.gentoo.org/glsa/202305-36"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202305-35 vom 2023-05-30",
"url": "https://security.gentoo.org/glsa/202305-35"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2028 vom 2023-05-03",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2028.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2064-1 vom 2023-04-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014672.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6010-3 vom 2023-04-26",
"url": "https://ubuntu.com/security/notices/USN-6010-3"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2023:1791 vom 2023-04-24",
"url": "https://lists.centos.org/pipermail/centos-announce/2023-April/086396.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2023:1806 vom 2023-04-24",
"url": "https://lists.centos.org/pipermail/centos-announce/2023-April/086395.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3400 vom 2023-04-24",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5392 vom 2023-04-23",
"url": "https://www.debian.org/security/2023/dsa-5392"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1791 vom 2023-04-18",
"url": "https://oss.oracle.com/pipermail/el-errata/2023-April/013926.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1802 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1802"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1811 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1811"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1809 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1809"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1805 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1805"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1804 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1804"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1806 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1806"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1803 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1803"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1809 vom 2023-04-18",
"url": "https://linux.oracle.com/errata/ELSA-2023-1809.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1802 vom 2023-04-18",
"url": "https://linux.oracle.com/errata/ELSA-2023-1802.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1806 vom 2023-04-18",
"url": "https://linux.oracle.com/errata/ELSA-2023-1806.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6010-2 vom 2023-04-18",
"url": "https://ubuntu.com/security/notices/USN-6010-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1810 vom 2023-04-17",
"url": "https://access.redhat.com/errata/RHSA-2023:1810"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1787 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1787"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1786 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1786"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1786 vom 2023-04-15",
"url": "https://oss.oracle.com/pipermail/el-errata/2023-April/013914.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1791 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1791"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1790 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1790"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1789 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1789"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1788 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1788"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1792 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1792"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1855-1 vom 2023-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014459.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1785 vom 2023-04-14",
"url": "https://access.redhat.com/errata/RHSA-2023:1785"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1787 vom 2023-04-15",
"url": "https://oss.oracle.com/pipermail/el-errata/2023-April/013913.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-6C3278C87B vom 2023-04-14",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-6c3278c87b"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-0B5CCD1812 vom 2023-04-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-0b5ccd1812"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6015-1 vom 2023-04-13",
"url": "https://ubuntu.com/security/notices/USN-6015-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3391 vom 2023-04-12",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00016.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5385 vom 2023-04-12",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00075.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6010-1 vom 2023-04-12",
"url": "https://ubuntu.com/security/notices/USN-6010-1"
},
{
"category": "external",
"summary": "Fedora Update FEDORA-2023-a2a92ab69a vom 2023-04-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-a2a92ab69a"
},
{
"category": "external",
"summary": "Fedora Update FEDORA-2023-d365f19e05 vom 2023-04-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d365f19e05"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1819-1 vom 2023-04-011",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014443.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1817-1 vom 2023-04-011",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014444.html"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2023-04-11",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2023-04-11",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2023-04-11",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/"
}
],
"source_lang": "en-US",
"title": "Mozilla Firefox und Thunderbird: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-09-27T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:48:37.258+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0941",
"initial_release_date": "2023-04-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-04-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian und Ubuntu aufgenommen"
},
{
"date": "2023-04-13T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-04-16T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux, Red Hat und SUSE aufgenommen"
},
{
"date": "2023-04-17T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat, Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2023-04-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-04-23T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2023-04-24T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Debian und CentOS aufgenommen"
},
{
"date": "2023-04-25T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-05-01T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-05-02T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-05-29T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2023-06-20T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2023-09-27T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "14"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Mozilla Firefox \u003c 112",
"product": {
"name": "Mozilla Firefox \u003c 112",
"product_id": "T027191",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox:112"
}
}
},
{
"category": "product_name",
"name": "Mozilla Firefox ESR \u003c 102.10",
"product": {
"name": "Mozilla Firefox ESR \u003c 102.10",
"product_id": "T027192",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox_esr:102.10"
}
}
},
{
"category": "product_name",
"name": "Mozilla Thunderbird \u003c 102.10",
"product": {
"name": "Mozilla Thunderbird \u003c 102.10",
"product_id": "T027193",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:thunderbird:102.10"
}
}
}
],
"category": "vendor",
"name": "Mozilla"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server v2",
"product": {
"name": "Xerox FreeFlow Print Server v2",
"product_id": "T014888",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v2"
}
}
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29551",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29551"
},
{
"cve": "CVE-2023-29550",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29550"
},
{
"cve": "CVE-2023-29549",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29549"
},
{
"cve": "CVE-2023-29548",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29548"
},
{
"cve": "CVE-2023-29547",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29547"
},
{
"cve": "CVE-2023-29546",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29546"
},
{
"cve": "CVE-2023-29545",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29545"
},
{
"cve": "CVE-2023-29544",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29544"
},
{
"cve": "CVE-2023-29543",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29543"
},
{
"cve": "CVE-2023-29542",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29542"
},
{
"cve": "CVE-2023-29541",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29541"
},
{
"cve": "CVE-2023-29540",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29540"
},
{
"cve": "CVE-2023-29539",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29539"
},
{
"cve": "CVE-2023-29538",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29538"
},
{
"cve": "CVE-2023-29537",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29537"
},
{
"cve": "CVE-2023-29536",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29536"
},
{
"cve": "CVE-2023-29535",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29535"
},
{
"cve": "CVE-2023-29534",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29534"
},
{
"cve": "CVE-2023-29533",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29533"
},
{
"cve": "CVE-2023-29532",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29532"
},
{
"cve": "CVE-2023-29531",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29531"
},
{
"cve": "CVE-2023-29479",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-29479"
},
{
"cve": "CVE-2023-28163",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-28163"
},
{
"cve": "CVE-2023-1945",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-1945"
},
{
"cve": "CVE-2023-0547",
"notes": [
{
"category": "description",
"text": "In Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Gr\u00fcnden z\u00e4hlen beispielsweise verschiedene Fehler in der Speicherverwaltung, Fehler bei der Dateibehandlung und Fehler bei der Durchsetzung von Sicherheitsmechanismen. Ein Angreifer kann dies ausnutzen, um beliebigen Code auszuf\u00fchren, um Informationen offenzulegen und um Sicherheitsmechanismen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T014888",
"398363",
"T012167",
"1727",
"T004914",
"74185"
]
},
"release_date": "2023-04-11T22:00:00.000+00:00",
"title": "CVE-2023-0547"
}
]
}
OPENSUSE-SU-2024:12882-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-112.0.1-1.1 on GA media
Notes
Title of the patch
MozillaFirefox-112.0.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the MozillaFirefox-112.0.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12882
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-112.0.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-112.0.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12882",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12882-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29532 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29534 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29535 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29536 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29537 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29538 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29539 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29540 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29541 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29542 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29543 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29544 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29546 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29547 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29548 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29549 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29550 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29551 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29551/"
}
],
"title": "MozillaFirefox-112.0.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12882-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-devel-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-112.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29531"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29531",
"url": "https://www.suse.com/security/cve/CVE-2023-29531"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29531",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29531"
},
{
"cve": "CVE-2023-29532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29532"
}
],
"notes": [
{
"category": "general",
"text": "A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29532",
"url": "https://www.suse.com/security/cve/CVE-2023-29532"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29532",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29532"
},
{
"cve": "CVE-2023-29533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29533"
}
],
"notes": [
{
"category": "general",
"text": "A website could have obscured the fullscreen notification by using a combination of \u003ccode\u003ewindow.open\u003c/code\u003e, fullscreen requests, \u003ccode\u003ewindow.name\u003c/code\u003e assignments, and \u003ccode\u003esetInterval\u003c/code\u003e calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29533",
"url": "https://www.suse.com/security/cve/CVE-2023-29533"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29533",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29533"
},
{
"cve": "CVE-2023-29534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29534"
}
],
"notes": [
{
"category": "general",
"text": "Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks.\n\n*This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android \u003c 112 and Focus for Android \u003c 112.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29534",
"url": "https://www.suse.com/security/cve/CVE-2023-29534"
},
{
"category": "external",
"summary": "SUSE Bug 1212529 for CVE-2023-29534",
"url": "https://bugzilla.suse.com/1212529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-29534"
},
{
"cve": "CVE-2023-29535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29535"
}
],
"notes": [
{
"category": "general",
"text": "Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29535",
"url": "https://www.suse.com/security/cve/CVE-2023-29535"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29535",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29535"
},
{
"cve": "CVE-2023-29536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29536"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29536",
"url": "https://www.suse.com/security/cve/CVE-2023-29536"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29536",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29536"
},
{
"cve": "CVE-2023-29537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29537"
}
],
"notes": [
{
"category": "general",
"text": "Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29537",
"url": "https://www.suse.com/security/cve/CVE-2023-29537"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29537",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29537"
},
{
"cve": "CVE-2023-29538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29538"
}
],
"notes": [
{
"category": "general",
"text": "Under specific circumstances a WebExtension may have received a \u003ccode\u003ejar:file:///\u003c/code\u003e URI instead of a \u003ccode\u003emoz-extension:///\u003c/code\u003e URI during a load request. This leaked directory paths on the user\u0027s machine. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29538",
"url": "https://www.suse.com/security/cve/CVE-2023-29538"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29538",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29538"
},
{
"cve": "CVE-2023-29539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29539"
}
],
"notes": [
{
"category": "general",
"text": "When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29539",
"url": "https://www.suse.com/security/cve/CVE-2023-29539"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29539",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29539"
},
{
"cve": "CVE-2023-29540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29540"
}
],
"notes": [
{
"category": "general",
"text": "Using a redirect embedded into \u003ccode\u003esourceMappingUrls\u003c/code\u003e could allow for navigation to external protocol links in sandboxed iframes without \u003ccode\u003eallow-top-navigation-to-custom-protocols\u003c/code\u003e. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29540",
"url": "https://www.suse.com/security/cve/CVE-2023-29540"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29540",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29540"
},
{
"cve": "CVE-2023-29541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29541"
}
],
"notes": [
{
"category": "general",
"text": "Firefox did not properly handle downloads of files ending in \u003ccode\u003e.desktop\u003c/code\u003e, which can be interpreted to run attacker-controlled commands. \u003cbr\u003e*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29541",
"url": "https://www.suse.com/security/cve/CVE-2023-29541"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29541",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29541"
},
{
"cve": "CVE-2023-29542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29542"
}
],
"notes": [
{
"category": "general",
"text": "A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29542",
"url": "https://www.suse.com/security/cve/CVE-2023-29542"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29542",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29542"
},
{
"cve": "CVE-2023-29543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29543"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object\u0027s debugger vector. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29543",
"url": "https://www.suse.com/security/cve/CVE-2023-29543"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29543",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29543"
},
{
"cve": "CVE-2023-29544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29544"
}
],
"notes": [
{
"category": "general",
"text": "If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29544",
"url": "https://www.suse.com/security/cve/CVE-2023-29544"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29544",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29544"
},
{
"cve": "CVE-2023-29545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29545"
}
],
"notes": [
{
"category": "general",
"text": "Similar to CVE-2023-28163, this time when choosing \u0027Save Link As\u0027, suggested filenames containing environment variable names would have resolved those in the context of the current user. \n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox \u003c 112, Firefox ESR \u003c 102.10, and Thunderbird \u003c 102.10.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29545",
"url": "https://www.suse.com/security/cve/CVE-2023-29545"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29545",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29545"
},
{
"cve": "CVE-2023-29546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29546"
}
],
"notes": [
{
"category": "general",
"text": "When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. \n\n*This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox for Android \u003c 112 and Focus for Android \u003c 112.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29546",
"url": "https://www.suse.com/security/cve/CVE-2023-29546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "not set"
}
],
"title": "CVE-2023-29546"
},
{
"cve": "CVE-2023-29547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29547"
}
],
"notes": [
{
"category": "general",
"text": "When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29547",
"url": "https://www.suse.com/security/cve/CVE-2023-29547"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29547",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29547"
},
{
"cve": "CVE-2023-29548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29548"
}
],
"notes": [
{
"category": "general",
"text": "A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29548",
"url": "https://www.suse.com/security/cve/CVE-2023-29548"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29548",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29548"
},
{
"cve": "CVE-2023-29549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29549"
}
],
"notes": [
{
"category": "general",
"text": "Under certain circumstances, a call to the \u003ccode\u003ebind\u003c/code\u003e function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29549",
"url": "https://www.suse.com/security/cve/CVE-2023-29549"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29549",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29549"
},
{
"cve": "CVE-2023-29550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29550"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers Randell Jesup, Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 112, Focus for Android \u003c 112, Firefox ESR \u003c 102.10, Firefox for Android \u003c 112, and Thunderbird \u003c 102.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29550",
"url": "https://www.suse.com/security/cve/CVE-2023-29550"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29550",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29550"
},
{
"cve": "CVE-2023-29551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29551"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android \u003c 112, Firefox \u003c 112, and Focus for Android \u003c 112.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29551",
"url": "https://www.suse.com/security/cve/CVE-2023-29551"
},
{
"category": "external",
"summary": "SUSE Bug 1210212 for CVE-2023-29551",
"url": "https://bugzilla.suse.com/1210212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-112.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-112.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-29551"
}
]
}
OPENSUSE-SU-2024:14572-1
Vulnerability from csaf_opensuse - Published: 2024-12-12 00:00 - Updated: 2024-12-12 00:00Summary
firefox-esr-128.5.1-1.1 on GA media
Notes
Title of the patch
firefox-esr-128.5.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the firefox-esr-128.5.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14572
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).