Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-6865 (GCVE-0-2023-6865)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2025-02-13 17:26
VLAI
EPSS
Summary
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Severity
No CVSS data available.
CWE
- Potential exposure of uninitialized data in EncryptingOutputStream
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Mozilla | Firefox ESR |
Affected:
unspecified , < 115.6
(custom)
|
|
| Mozilla | Firefox |
Affected:
unspecified , < 121
(custom)
|
Credits
Jan Varga
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jan Varga"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ccode\u003eEncryptingOutputStream\u003c/code\u003e was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
}
],
"value": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential exposure of uninitialized data in EncryptingOutputStream",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:08:03.932Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6865",
"datePublished": "2023-12-19T13:38:47.449Z",
"dateReserved": "2023-12-15T17:42:56.728Z",
"dateUpdated": "2025-02-13T17:26:38.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-6865",
"date": "2026-05-27",
"epss": "0.00414",
"percentile": "0.61701"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"121.0\", \"matchCriteriaId\": \"A3D81D72-5965-4DB7-BFA7-9A32A9108919\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"115.6\", \"matchCriteriaId\": \"46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.\"}, {\"lang\": \"es\", \"value\": \"`EncryptingOutputStream` era susceptible de exponer datos no inicializados. S\\u00f3lo se puede abusar de este problema para escribir datos en un disco local, lo que puede tener implicaciones para el modo de navegaci\\u00f3n privada. Esta vulnerabilidad afecta a Firefox ESR \u0026lt;115.6 y Firefox \u0026lt;121.\"}]",
"id": "CVE-2023-6865",
"lastModified": "2024-11-21T08:44:43.033",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}",
"published": "2023-12-19T14:15:07.777",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1864123\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5581\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-54/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1864123\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5581\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-54/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-6865\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-12-19T14:15:07.777\",\"lastModified\":\"2024-11-21T08:44:43.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.\"},{\"lang\":\"es\",\"value\":\"`EncryptingOutputStream` era susceptible de exponer datos no inicializados. S\u00f3lo se puede abusar de este problema para escribir datos en un disco local, lo que puede tener implicaciones para el modo de navegaci\u00f3n privada. Esta vulnerabilidad afecta a Firefox ESR \u0026lt;115.6 y Firefox \u0026lt;121.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"121.0\",\"matchCriteriaId\":\"A3D81D72-5965-4DB7-BFA7-9A32A9108919\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"115.6\",\"matchCriteriaId\":\"46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1864123\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5581\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-54/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1864123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-54/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2023-AVI-1048
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Firefox | Firefox versions antérieures à 121 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 115.6 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 115.6 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 121",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-6867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6867"
},
{
"name": "CVE-2023-6862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6862"
},
{
"name": "CVE-2023-50762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50762"
},
{
"name": "CVE-2023-6857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6857"
},
{
"name": "CVE-2023-6858",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6858"
},
{
"name": "CVE-2023-6869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6869"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2023-6865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6865"
},
{
"name": "CVE-2023-6868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6868"
},
{
"name": "CVE-2023-6861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6861"
},
{
"name": "CVE-2023-50761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50761"
},
{
"name": "CVE-2023-6870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6870"
},
{
"name": "CVE-2023-6871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6871"
},
{
"name": "CVE-2023-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6860"
},
{
"name": "CVE-2023-6864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6864"
},
{
"name": "CVE-2023-6863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6863"
},
{
"name": "CVE-2023-6872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6872"
},
{
"name": "CVE-2023-6859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6859"
},
{
"name": "CVE-2023-6873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6873"
},
{
"name": "CVE-2023-6856",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6856"
},
{
"name": "CVE-2023-6866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6866"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-1048",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Mozilla\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une ex\u00e9cution\nde code arbitraire \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-56 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-54 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-55 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/"
}
]
}
CERTFR-2023-AVI-1048
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Firefox | Firefox versions antérieures à 121 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 115.6 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 115.6 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firefox versions ant\u00e9rieures \u00e0 121",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.6",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-6867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6867"
},
{
"name": "CVE-2023-6862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6862"
},
{
"name": "CVE-2023-50762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50762"
},
{
"name": "CVE-2023-6857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6857"
},
{
"name": "CVE-2023-6858",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6858"
},
{
"name": "CVE-2023-6869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6869"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2023-6865",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6865"
},
{
"name": "CVE-2023-6868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6868"
},
{
"name": "CVE-2023-6861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6861"
},
{
"name": "CVE-2023-50761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50761"
},
{
"name": "CVE-2023-6870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6870"
},
{
"name": "CVE-2023-6871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6871"
},
{
"name": "CVE-2023-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6860"
},
{
"name": "CVE-2023-6864",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6864"
},
{
"name": "CVE-2023-6863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6863"
},
{
"name": "CVE-2023-6872",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6872"
},
{
"name": "CVE-2023-6859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6859"
},
{
"name": "CVE-2023-6873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6873"
},
{
"name": "CVE-2023-6856",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6856"
},
{
"name": "CVE-2023-6866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6866"
}
],
"links": [],
"reference": "CERTFR-2023-AVI-1048",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Mozilla\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une ex\u00e9cution\nde code arbitraire \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-56 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-54 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2023-55 du 19 d\u00e9cembre 2023",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/"
}
]
}
alsa-2024:0012
Vulnerability from osv_almalinux
Published
2024-01-02 00:00
Modified
2024-01-04 14:29
Summary
Important: firefox security update
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.6.0 ESR.
Security Fix(es):
- Mozilla: Heap-buffer-overflow affecting WebGL
DrawElementsInstancedmethod with Mesa VM driver (CVE-2023-6856) - Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)
- Mozilla: Potential exposure of uninitialized data in
EncryptingOutputStream(CVE-2023-6865) - Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)
- Mozilla: Heap buffer overflow in
nsTextFragment(CVE-2023-6858) - Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)
- Mozilla: Potential sandbox escape due to
VideoBridgelack of texture validation (CVE-2023-6860) - Mozilla: Heap buffer overflow affected
nsWindow::PickerOpen(void)in headless mode (CVE-2023-6861) - Mozilla: Use-after-free in
nsDNSService(CVE-2023-6862) - Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)
- Mozilla: Undefined behavior in
ShutdownObserver()(CVE-2023-6863)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "firefox"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "115.6.0-1.el8_9.alma"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 115.6.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Heap-buffer-overflow affecting WebGL \u003ccode\u003eDrawElementsInstanced\u003c/code\u003e method with Mesa VM driver (CVE-2023-6856)\n* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)\n* Mozilla: Potential exposure of uninitialized data in \u003ccode\u003eEncryptingOutputStream\u003c/code\u003e (CVE-2023-6865)\n* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)\n* Mozilla: Heap buffer overflow in \u003ccode\u003ensTextFragment\u003c/code\u003e (CVE-2023-6858)\n* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)\n* Mozilla: Potential sandbox escape due to \u003ccode\u003eVideoBridge\u003c/code\u003e lack of texture validation (CVE-2023-6860)\n* Mozilla: Heap buffer overflow affected \u003ccode\u003ensWindow::PickerOpen(void)\u003c/code\u003e in headless mode (CVE-2023-6861)\n* Mozilla: Use-after-free in \u003ccode\u003ensDNSService\u003c/code\u003e (CVE-2023-6862)\n* Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)\n* Mozilla: Undefined behavior in \u003ccode\u003eShutdownObserver()\u003c/code\u003e (CVE-2023-6863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:0012",
"modified": "2024-01-04T14:29:24Z",
"published": "2024-01-02T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:0012"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6856"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6857"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6858"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6859"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6860"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6861"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6862"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6863"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6864"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6865"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6867"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255360"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255361"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255362"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255363"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255364"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255365"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255366"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255367"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255368"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255369"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255370"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2024-0012.html"
}
],
"related": [
"CVE-2023-6856",
"CVE-2023-6864",
"CVE-2023-6865",
"CVE-2023-6857",
"CVE-2023-6858",
"CVE-2023-6859",
"CVE-2023-6860",
"CVE-2023-6861",
"CVE-2023-6862",
"CVE-2023-6867",
"CVE-2023-6863"
],
"summary": "Important: firefox security update"
}
alsa-2024:0025
Vulnerability from osv_almalinux
Published
2024-01-02 00:00
Modified
2024-01-03 17:14
Summary
Important: firefox security update
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.6.0 ESR.
Security Fix(es):
- Mozilla: Heap-buffer-overflow affecting WebGL
DrawElementsInstancedmethod with Mesa VM driver (CVE-2023-6856) - Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)
- Mozilla: Potential exposure of uninitialized data in
EncryptingOutputStream(CVE-2023-6865) - Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)
- Mozilla: Heap buffer overflow in
nsTextFragment(CVE-2023-6858) - Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)
- Mozilla: Potential sandbox escape due to
VideoBridgelack of texture validation (CVE-2023-6860) - Mozilla: Heap buffer overflow affected
nsWindow::PickerOpen(void)in headless mode (CVE-2023-6861) - Mozilla: Use-after-free in
nsDNSService(CVE-2023-6862) - Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)
- Mozilla: Undefined behavior in
ShutdownObserver()(CVE-2023-6863)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "firefox"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "115.6.0-1.el9_3.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "firefox-x11"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "115.6.0-1.el9_3.alma"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 115.6.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Heap-buffer-overflow affecting WebGL \u003ccode\u003eDrawElementsInstanced\u003c/code\u003e method with Mesa VM driver (CVE-2023-6856)\n* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)\n* Mozilla: Potential exposure of uninitialized data in \u003ccode\u003eEncryptingOutputStream\u003c/code\u003e (CVE-2023-6865)\n* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)\n* Mozilla: Heap buffer overflow in \u003ccode\u003ensTextFragment\u003c/code\u003e (CVE-2023-6858)\n* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)\n* Mozilla: Potential sandbox escape due to \u003ccode\u003eVideoBridge\u003c/code\u003e lack of texture validation (CVE-2023-6860)\n* Mozilla: Heap buffer overflow affected \u003ccode\u003ensWindow::PickerOpen(void)\u003c/code\u003e in headless mode (CVE-2023-6861)\n* Mozilla: Use-after-free in \u003ccode\u003ensDNSService\u003c/code\u003e (CVE-2023-6862)\n* Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)\n* Mozilla: Undefined behavior in \u003ccode\u003eShutdownObserver()\u003c/code\u003e (CVE-2023-6863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2024:0025",
"modified": "2024-01-03T17:14:01Z",
"published": "2024-01-02T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2024:0025"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6856"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6857"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6858"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6859"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6860"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6861"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6862"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6863"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6864"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6865"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-6867"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255360"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255361"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255362"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255363"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255364"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255365"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255366"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255367"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255368"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255369"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2255370"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2024-0025.html"
}
],
"related": [
"CVE-2023-6856",
"CVE-2023-6864",
"CVE-2023-6865",
"CVE-2023-6857",
"CVE-2023-6858",
"CVE-2023-6859",
"CVE-2023-6860",
"CVE-2023-6861",
"CVE-2023-6862",
"CVE-2023-6867",
"CVE-2023-6863"
],
"summary": "Important: firefox security update"
}
BDU:2023-09059
Vulnerability from fstec - Published: 19.12.2023
VLAI
Title
Уязвимость режима инкогнито браузеров Mozilla Firefox, Firefox ESR, связанная с использованием неинициализированных переменных, позволяющая нарушителю раскрыть защищаемую информацию
Description
Уязвимость режима инкогнито браузеров Mozilla Firefox, Firefox ESR связана с использованием неинициализированных переменных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть защищаемую информацию
Severity
Vendor
ООО «РусБИТех-Астра», ООО «Ред Софт», АО «ИВК», Mozilla Corp., АО "НППКТ"
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), РЕД ОС (запись в едином реестре российских программ №3751), АЛЬТ СП 10, Firefox, Firefox ESR, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
1.6 «Смоленск» (Astra Linux Special Edition), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), - (АЛЬТ СП 10), до 121 (Firefox), до 115.6 (Firefox ESR), до 2.10 (ОСОН ОСнова Оnyx)
Possible Mitigations
Использование рекомендаций:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/
Для ОС Альт 8 СП (релиз 10): установка обновления из публичного репозитория программного средства
Для ОСОН ОСнова Оnyx (версия 2.10):
Обновление программного обеспечения firefox-esr до версии 115.8.0esr+repack-1~deb10u1.osnova1
Для ОС Astra Linux:
обновить пакет firefox до 127.0.2+build1-0ubuntu0.20.04.1~mt1+ci202407030910+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
Для РЕД ОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для Astra Linux Special Edition 1.6 «Смоленск»::
обновить пакет firefox до 128.0+build2-0ubuntu0.20.04.1+ci202407111318+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16
Для Astra Linux Special Edition 4.7 для архитектуры ARM:
обновить пакет firefox до 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
Reference
https://cxsecurity.com/cveshow/CVE-2023-6865
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/
https://www.cybersecurity-help.cz/vdb/SB2023121946
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.10/
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
CWE
CWE-457
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Mozilla Corp., \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), - (\u0410\u041b\u042c\u0422 \u0421\u041f 10), \u0434\u043e 121 (Firefox), \u0434\u043e 115.6 (Firefox ESR), \u0434\u043e 2.10 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-56/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-54/\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0440\u0435\u043b\u0438\u0437 10): \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0432\u0435\u0440\u0441\u0438\u044f 2.10):\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f firefox-esr \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 115.8.0esr+repack-1~deb10u1.osnova1\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 127.0.2+build1-0ubuntu0.20.04.1~mt1+ci202407030910+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n\n\u0414\u043b\u044f \u0420\u0415\u0414 \u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb::\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 128.0+build2-0ubuntu0.20.04.1+ci202407111318+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 firefox \u0434\u043e 131.0.2+build1-0ubuntu0.20.04.1~mt1+ci202410111226+astra13 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "19.12.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.11.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.12.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-09059",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-6865",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u041b\u042c\u0422 \u0421\u041f 10, Firefox, Firefox ESR, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u041b\u042c\u0422 \u0421\u041f 10 - , \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.10 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0436\u0438\u043c\u0430 \u0438\u043d\u043a\u043e\u0433\u043d\u0438\u0442\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 Mozilla Firefox, Firefox ESR, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 (CWE-457)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0436\u0438\u043c\u0430 \u0438\u043d\u043a\u043e\u0433\u043d\u0438\u0442\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 Mozilla Firefox, Firefox ESR \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u042d\u0442\u0430 \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Firefox \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043d\u0430 \u0431\u0430\u0437\u0435 Unix (Android, Linux, MacOS). Windows \u043d\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430.",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cxsecurity.com/cveshow/CVE-2023-6865\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-56/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-54/\nhttps://www.cybersecurity-help.cz/vdb/SB2023121946\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.10/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-457",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}
CNVD-2025-01200
Vulnerability from cnvd - Published: 2025-01-17
VLAI
Title
Mozilla Firefox和Firefox ESR信息泄露漏洞(CNVD-2025-0120049)
Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。
Mozilla Firefox和Firefox ESR信息泄露漏洞,攻击者可利用此漏洞获取敏感信息。
Severity
高
Patch Name
Mozilla Firefox和Firefox ESR信息泄露漏洞(CNVD-2025-0120049)的补丁
Patch Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。Mozilla Firefox ESR是Firefox(Web浏览器)的一个延长支持版本。
Mozilla Firefox和Firefox ESR信息泄露漏洞,攻击者可利用此漏洞获取敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://www.mozilla.org/en-US/firefox/115.6.0/releasenotes/
Reference
https://cxsecurity.com/cveshow/CVE-2023-6865/
Impacted products
| Name | ['Mozilla Firefox ESR <115.6', 'Mozilla Firefox <121'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2023-6865",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-6865"
}
},
"description": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002\n\nMozilla Firefox\u548cFirefox ESR\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.mozilla.org/en-US/firefox/115.6.0/releasenotes/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-01200",
"openTime": "2025-01-17",
"patchDescription": "Mozilla Firefox\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90Web\u6d4f\u89c8\u5668\u3002Mozilla Firefox ESR\u662fFirefox\uff08Web\u6d4f\u89c8\u5668\uff09\u7684\u4e00\u4e2a\u5ef6\u957f\u652f\u6301\u7248\u672c\u3002\r\n\r\nMozilla Firefox\u548cFirefox ESR\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Mozilla Firefox\u548cFirefox ESR\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2025-0120049\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Mozilla Firefox ESR \u003c115.6",
"Mozilla Firefox \u003c121"
]
},
"referenceLink": "https://cxsecurity.com/cveshow/CVE-2023-6865/",
"serverity": "\u9ad8",
"submitTime": "2023-12-21",
"title": "Mozilla Firefox\u548cFirefox ESR\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2025-0120049\uff09"
}
FKIE_CVE-2023-6865
Vulnerability from fkie_nvd - Published: 2023-12-19 14:15 - Updated: 2024-11-21 08:44
Severity
Summary
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
References
| URL | Tags | ||
|---|---|---|---|
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=1864123 | Issue Tracking, Permissions Required | |
| security@mozilla.org | https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html | Mailing List, Third Party Advisory | |
| security@mozilla.org | https://security.gentoo.org/glsa/202401-10 | Third Party Advisory | |
| security@mozilla.org | https://www.debian.org/security/2023/dsa-5581 | Third Party Advisory | |
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2023-54/ | Vendor Advisory | |
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2023-56/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=1864123 | Issue Tracking, Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202401-10 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5581 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mozilla.org/security/advisories/mfsa2023-54/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mozilla.org/security/advisories/mfsa2023-56/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox_esr | * | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| debian | debian_linux | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919",
"versionEndExcluding": "121.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B",
"versionEndExcluding": "115.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
},
{
"lang": "es",
"value": "`EncryptingOutputStream` era susceptible de exponer datos no inicializados. S\u00f3lo se puede abusar de este problema para escribir datos en un disco local, lo que puede tener implicaciones para el modo de navegaci\u00f3n privada. Esta vulnerabilidad afecta a Firefox ESR \u0026lt;115.6 y Firefox \u0026lt;121."
}
],
"id": "CVE-2023-6865",
"lastModified": "2024-11-21T08:44:43.033",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-19T14:15:07.777",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-5C8H-J5H5-R8W3
Vulnerability from github – Published: 2023-12-19 15:30 – Updated: 2023-12-22 12:31
VLAI
Details
EncryptingOutputStream was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Severity
6.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2023-6865"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-19T14:15:07Z",
"severity": "MODERATE"
},
"details": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"id": "GHSA-5c8h-j5h5-r8w3",
"modified": "2023-12-22T12:31:46Z",
"published": "2023-12-19T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6865"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2023-6865
Vulnerability from gsd - Updated: 2023-12-16 06:01Details
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-6865"
],
"details": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"id": "GSD-2023-6865",
"modified": "2023-12-16T06:01:29.669109Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2023-6865",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "115.6"
}
]
}
},
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "unspecified",
"version_value": "121"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Jan Varga"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential exposure of uninitialized data in EncryptingOutputStream"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-54/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
},
{
"name": "https://www.debian.org/security/2023/dsa-5581",
"refsource": "MISC",
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"name": "https://security.gentoo.org/glsa/202401-10",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919",
"versionEndExcluding": "121.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B",
"versionEndExcluding": "115.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121."
},
{
"lang": "es",
"value": "`EncryptingOutputStream` era susceptible de exponer datos no inicializados. S\u00f3lo se puede abusar de este problema para escribir datos en un disco local, lo que puede tener implicaciones para el modo de navegaci\u00f3n privada. Esta vulnerabilidad afecta a Firefox ESR \u0026lt;115.6 y Firefox \u0026lt;121."
}
],
"id": "CVE-2023-6865",
"lastModified": "2024-02-02T02:35:21.153",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-19T14:15:07.777",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5581"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
OPENSUSE-SU-2024:13531-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-121.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaFirefox-121.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaFirefox-121.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13531
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
56 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-6135/ | self |
| https://www.suse.com/security/cve/CVE-2023-6856/ | self |
| https://www.suse.com/security/cve/CVE-2023-6857/ | self |
| https://www.suse.com/security/cve/CVE-2023-6858/ | self |
| https://www.suse.com/security/cve/CVE-2023-6859/ | self |
| https://www.suse.com/security/cve/CVE-2023-6860/ | self |
| https://www.suse.com/security/cve/CVE-2023-6861/ | self |
| https://www.suse.com/security/cve/CVE-2023-6863/ | self |
| https://www.suse.com/security/cve/CVE-2023-6864/ | self |
| https://www.suse.com/security/cve/CVE-2023-6865/ | self |
| https://www.suse.com/security/cve/CVE-2023-6866/ | self |
| https://www.suse.com/security/cve/CVE-2023-6867/ | self |
| https://www.suse.com/security/cve/CVE-2023-6868/ | self |
| https://www.suse.com/security/cve/CVE-2023-6869/ | self |
| https://www.suse.com/security/cve/CVE-2023-6870/ | self |
| https://www.suse.com/security/cve/CVE-2023-6871/ | self |
| https://www.suse.com/security/cve/CVE-2023-6872/ | self |
| https://www.suse.com/security/cve/CVE-2023-6873/ | self |
| https://www.suse.com/security/cve/CVE-2023-6135 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6856 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6857 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6858 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6859 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6860 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6861 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6863 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6864 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6865 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6866 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6867 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6868 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6869 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6870 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6871 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6872 | external |
| https://bugzilla.suse.com/1217974 | external |
| https://www.suse.com/security/cve/CVE-2023-6873 | external |
| https://bugzilla.suse.com/1217974 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-121.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-121.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13531",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13531-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6135 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6856 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6857 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6858 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6859 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6861 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6866 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6868 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6869 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6870 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6871 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6872 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6873 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6873/"
}
],
"title": "MozillaFirefox-121.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13531-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-devel-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-121.0-1.1.s390x",
"product_id": "MozillaFirefox-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.s390x",
"product_id": "MozillaFirefox-devel-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-devel-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6135"
}
],
"notes": [
{
"category": "general",
"text": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6135",
"url": "https://www.suse.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6135",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6135"
},
{
"cve": "CVE-2023-6856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6856"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6856",
"url": "https://www.suse.com/security/cve/CVE-2023-6856"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6856",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6856"
},
{
"cve": "CVE-2023-6857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6857"
}
],
"notes": [
{
"category": "general",
"text": "When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. \n*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6857",
"url": "https://www.suse.com/security/cve/CVE-2023-6857"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6857",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6857"
},
{
"cve": "CVE-2023-6858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6858"
}
],
"notes": [
{
"category": "general",
"text": "Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6858",
"url": "https://www.suse.com/security/cve/CVE-2023-6858"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6858",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6858"
},
{
"cve": "CVE-2023-6859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6859"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6859",
"url": "https://www.suse.com/security/cve/CVE-2023-6859"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6859",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6859"
},
{
"cve": "CVE-2023-6860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6860"
}
],
"notes": [
{
"category": "general",
"text": "The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6860",
"url": "https://www.suse.com/security/cve/CVE-2023-6860"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6860",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6860"
},
{
"cve": "CVE-2023-6861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6861"
}
],
"notes": [
{
"category": "general",
"text": "The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6861",
"url": "https://www.suse.com/security/cve/CVE-2023-6861"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6861",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6861"
},
{
"cve": "CVE-2023-6863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6863"
}
],
"notes": [
{
"category": "general",
"text": "The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6863",
"url": "https://www.suse.com/security/cve/CVE-2023-6863"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6863",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6863"
},
{
"cve": "CVE-2023-6864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6864"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6864",
"url": "https://www.suse.com/security/cve/CVE-2023-6864"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6864",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6864"
},
{
"cve": "CVE-2023-6865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6865"
}
],
"notes": [
{
"category": "general",
"text": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6865",
"url": "https://www.suse.com/security/cve/CVE-2023-6865"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6865",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6865"
},
{
"cve": "CVE-2023-6866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6866"
}
],
"notes": [
{
"category": "general",
"text": "TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6866",
"url": "https://www.suse.com/security/cve/CVE-2023-6866"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6866",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6866"
},
{
"cve": "CVE-2023-6867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6867"
}
],
"notes": [
{
"category": "general",
"text": "The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6867",
"url": "https://www.suse.com/security/cve/CVE-2023-6867"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6867",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6867"
},
{
"cve": "CVE-2023-6868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6868"
}
],
"notes": [
{
"category": "general",
"text": "In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.\n*This bug only affects Firefox on Android.* This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6868",
"url": "https://www.suse.com/security/cve/CVE-2023-6868"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6868",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6868"
},
{
"cve": "CVE-2023-6869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6869"
}
],
"notes": [
{
"category": "general",
"text": "A `\u0026lt;dialog\u003e` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6869",
"url": "https://www.suse.com/security/cve/CVE-2023-6869"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6869",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6869"
},
{
"cve": "CVE-2023-6870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6870"
}
],
"notes": [
{
"category": "general",
"text": "Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. \n*This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6870",
"url": "https://www.suse.com/security/cve/CVE-2023-6870"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6870",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6870"
},
{
"cve": "CVE-2023-6871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6871"
}
],
"notes": [
{
"category": "general",
"text": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6871",
"url": "https://www.suse.com/security/cve/CVE-2023-6871"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6871",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6871"
},
{
"cve": "CVE-2023-6872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6872"
}
],
"notes": [
{
"category": "general",
"text": "Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6872",
"url": "https://www.suse.com/security/cve/CVE-2023-6872"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6872",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6872"
},
{
"cve": "CVE-2023-6873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6873"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6873",
"url": "https://www.suse.com/security/cve/CVE-2023-6873"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6873",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6873"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…