Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-6871 (GCVE-0-2023-6871)
Vulnerability from cvelistv5 – Published: 2023-12-19 13:38 – Updated: 2024-08-02 08:42
VLAI?
EPSS
Summary
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.
Severity ?
No CVSS data available.
CWE
- Lack of protocol handler warning in some instances
Assigner
References
Credits
Edward "JankhJankh" Prior
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828334"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "121",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Edward \"JankhJankh\" Prior"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121."
}
],
"value": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Lack of protocol handler warning in some instances",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-30T19:16:42.367Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828334"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2023-6871",
"datePublished": "2023-12-19T13:38:53.927Z",
"dateReserved": "2023-12-15T17:42:57.870Z",
"dateUpdated": "2024-08-02T08:42:07.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"121.0\", \"matchCriteriaId\": \"A3D81D72-5965-4DB7-BFA7-9A32A9108919\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121.\"}, {\"lang\": \"es\", \"value\": \"Bajo ciertas condiciones, Firefox no mostraba una advertencia cuando un usuario intentaba navegar a un nuevo controlador de protocolo. Esta vulnerabilidad afecta a Firefox \u0026lt; 121.\"}]",
"id": "CVE-2023-6871",
"lastModified": "2024-11-21T08:44:43.863",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}]}",
"published": "2023-12-19T14:15:08.133",
"references": "[{\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1828334\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1828334\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Permissions Required\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2023-56/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-6871\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-12-19T14:15:08.133\",\"lastModified\":\"2024-11-21T08:44:43.863\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121.\"},{\"lang\":\"es\",\"value\":\"Bajo ciertas condiciones, Firefox no mostraba una advertencia cuando un usuario intentaba navegar a un nuevo controlador de protocolo. Esta vulnerabilidad afecta a Firefox \u0026lt; 121.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"121.0\",\"matchCriteriaId\":\"A3D81D72-5965-4DB7-BFA7-9A32A9108919\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1828334\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1828334\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-56/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
OPENSUSE-SU-2024:13531-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-121.0-1.1 on GA media
Notes
Title of the patch
MozillaFirefox-121.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the MozillaFirefox-121.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13531
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-121.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-121.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13531",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13531-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6135 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6856 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6857 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6858 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6859 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6861 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6866 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6868 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6869 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6870 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6871 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6872 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6873 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6873/"
}
],
"title": "MozillaFirefox-121.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13531-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-devel-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-121.0-1.1.s390x",
"product_id": "MozillaFirefox-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.s390x",
"product_id": "MozillaFirefox-devel-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-devel-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-121.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-121.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-121.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-121.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6135"
}
],
"notes": [
{
"category": "general",
"text": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6135",
"url": "https://www.suse.com/security/cve/CVE-2023-6135"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6135",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6135"
},
{
"cve": "CVE-2023-6856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6856"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6856",
"url": "https://www.suse.com/security/cve/CVE-2023-6856"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6856",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6856"
},
{
"cve": "CVE-2023-6857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6857"
}
],
"notes": [
{
"category": "general",
"text": "When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. \n*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6857",
"url": "https://www.suse.com/security/cve/CVE-2023-6857"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6857",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6857"
},
{
"cve": "CVE-2023-6858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6858"
}
],
"notes": [
{
"category": "general",
"text": "Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6858",
"url": "https://www.suse.com/security/cve/CVE-2023-6858"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6858",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6858"
},
{
"cve": "CVE-2023-6859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6859"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6859",
"url": "https://www.suse.com/security/cve/CVE-2023-6859"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6859",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6859"
},
{
"cve": "CVE-2023-6860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6860"
}
],
"notes": [
{
"category": "general",
"text": "The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6860",
"url": "https://www.suse.com/security/cve/CVE-2023-6860"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6860",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6860"
},
{
"cve": "CVE-2023-6861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6861"
}
],
"notes": [
{
"category": "general",
"text": "The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6861",
"url": "https://www.suse.com/security/cve/CVE-2023-6861"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6861",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6861"
},
{
"cve": "CVE-2023-6863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6863"
}
],
"notes": [
{
"category": "general",
"text": "The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6863",
"url": "https://www.suse.com/security/cve/CVE-2023-6863"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6863",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6863"
},
{
"cve": "CVE-2023-6864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6864"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6864",
"url": "https://www.suse.com/security/cve/CVE-2023-6864"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6864",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6864"
},
{
"cve": "CVE-2023-6865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6865"
}
],
"notes": [
{
"category": "general",
"text": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6865",
"url": "https://www.suse.com/security/cve/CVE-2023-6865"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6865",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6865"
},
{
"cve": "CVE-2023-6866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6866"
}
],
"notes": [
{
"category": "general",
"text": "TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6866",
"url": "https://www.suse.com/security/cve/CVE-2023-6866"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6866",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6866"
},
{
"cve": "CVE-2023-6867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6867"
}
],
"notes": [
{
"category": "general",
"text": "The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6867",
"url": "https://www.suse.com/security/cve/CVE-2023-6867"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6867",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6867"
},
{
"cve": "CVE-2023-6868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6868"
}
],
"notes": [
{
"category": "general",
"text": "In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.\n*This bug only affects Firefox on Android.* This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6868",
"url": "https://www.suse.com/security/cve/CVE-2023-6868"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6868",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6868"
},
{
"cve": "CVE-2023-6869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6869"
}
],
"notes": [
{
"category": "general",
"text": "A `\u0026lt;dialog\u003e` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6869",
"url": "https://www.suse.com/security/cve/CVE-2023-6869"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6869",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6869"
},
{
"cve": "CVE-2023-6870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6870"
}
],
"notes": [
{
"category": "general",
"text": "Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. \n*This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6870",
"url": "https://www.suse.com/security/cve/CVE-2023-6870"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6870",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6870"
},
{
"cve": "CVE-2023-6871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6871"
}
],
"notes": [
{
"category": "general",
"text": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6871",
"url": "https://www.suse.com/security/cve/CVE-2023-6871"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6871",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6871"
},
{
"cve": "CVE-2023-6872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6872"
}
],
"notes": [
{
"category": "general",
"text": "Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6872",
"url": "https://www.suse.com/security/cve/CVE-2023-6872"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6872",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6872"
},
{
"cve": "CVE-2023-6873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6873"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6873",
"url": "https://www.suse.com/security/cve/CVE-2023-6873"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6873",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-121.0-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-121.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-6873"
}
]
}
OPENSUSE-SU-2024:14572-1
Vulnerability from csaf_opensuse - Published: 2024-12-12 00:00 - Updated: 2024-12-12 00:00Summary
firefox-esr-128.5.1-1.1 on GA media
Notes
Title of the patch
firefox-esr-128.5.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the firefox-esr-128.5.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14572
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).